Yahoo, eBay, Target, Anthem. What do these four major corporations have in common? They have all fallen victim to a security or data breach. While 110 million Target shoppers had their payment and/or personal information compromised, 145 million eBay users had their names, addresses, birthdates, and encrypted passwords exposed. The Yahoo breach affected all 3 billion (yes, with a b) user accounts—the largest known attack on a corporate network to date.
Cyber attacks can take many forms, but whether malware is the main method or a hacker gains command and control by initiating a social engineering or phishing campaign, the adversary is human. Ron Pelletier, founding partner of Pondurance, asserts that, “In order to defeat human opponents, you need a dynamic defense powered by a combination of human intelligence and cutting-edge technology.”
It is reasonable to assume that security breaches occur arbitrarily throughout the year, but the Pondurance team has noticed a trend over the past five years that suggests a higher incidence between February and April. We call it breach season, and we believe it stems from the need for potential attackers to plan their moves in advance and then wait for an opportune time to strike.
As winter winds down, attackers spring into action. According to Pelletier, “These attackers, who are often criminal enterprises that are well organized and well funded, start reconnaissance efforts in the Q4 timeframe. When they find weaknesses in the networks of their targets, they launch their attacks.”
A breach can happen to any organization, regardless of its prior level of preparation. Healthcare organizations seem to be highly targeted. This is partially due to the fact that the records they possess contain a considerable amount of private data that can be sold or used to create false identities. It may also result from an over-reliance on regulatory compliance, which by itself does not equal security.
These organizations also have a higher likelihood of paying in a ransomware attack in order to minimize negative impact and expedite the return to normal operations. Although compromised healthcare records are alarming, there are even more frightening possible scenarios, including attacks on the nation’s critical infrastructure (e.g., electrical grid, water control systems).
In addition to organizations, individuals should also be concerned with the potential threat of a data breach. Although large criminal enterprises do not have a lot to gain from stealing one record, they are able to use individual data to probe further. By targeting an individual, an attacker may acquire credentials that allow him/her to gain a foothold within a network. Some common attack execution strategies are:
- Email phishing attacks, which may include malware attachments or direct links to a malicious site posing as a real site
- Phone scams in which an attacker poses as someone they are not in order to trick an individual into providing information on others or even himself/herself
- Fake advertisements on websites informing an individual that he/she needs to update certain software, which leads to the individual downloading malware
With the elevated risk of a breach this time of year, it is vital for both individuals and organizations to protect themselves from threats. Organizations can do this with a strong security program, proactive monitoring services, and best practices such as vulnerability management and multi-factor authentication. Individuals must also be aware of potential security pitfalls and never blindly give away information or passwords. When it comes to password management, organizations and individuals should make them complex and change them often.
Don’t become the next victim of breach season. For more information on building a strong security program, contact Pondurance today.