Tag Archives: Data Breaches

Businesses are urged to take steps immediately to mitigate massive data breach tied to Chinese hackers

The alarm about the ongoing hack of Microsoft Exchange Server, which began as early as January, appears quite justified. Microsoft believes a state-sponsored Chinese group called Hafnium orchestrated the attack that exploited flaws in Exchange software to gain access to email accounts and install unauthorized software, gaining full control of affected systems.

Hafnium primarily targets entities in the United States across a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks and NGOs, according to Microsoft.

In a tweet, the United States Cybersecurity and Infrastructure Security Agency (CISA) urged “ALL organizations” across “ALL sectors” to follow its guidance to address the email software’s vulnerabilities.

The number of U.S.-based organizations affected is estimated to be at least 30,000, while worldwide that number is close to 100,000. The vulnerability can be exploited to compromise networks, steal information, encrypt data for ransom, or even execute a destructive attack. CISA advises business leaders at all organizations to ask IT personnel to immediately address this incident or get third-party IT support.

A Hafnium attack should trigger any cyber insurance an organization has in place, according to Lockton, an insurance broker. Lockton recommends that organizations contact their insurer only if they discover that the vulnerabilities being exploited are present in the system. If an attack is underway, it should be reported to cyber insurers immediately.

Data Breaches Becoming More Damaging

Recent breaches of customer data at retailer Target and banking giant Barclays are making headlines and underscore the growing risk to businesses from data breaches.

Of course, there’s a personal impact too.

The just-released 2014 Identity Fraud Report by Javelin Strategy & Research reveals that data breaches are now the greatest risk factor for identity fraud.

In 2013, one in three consumers who received notification of a data breach became a victim of fraud, up from one in four in 2012, the report found.

Some 46 percent of consumers with breached debit cards in 2013 became fraud victims in the same year, compared to only 16 percent of consumers with a breached Social Security number.

Other key takeaways from the report are that the overall incidence of fraud has increased even though the amount stolen has decreased.

The number of identity fraud victims increased by more than 500,000 to 13.1 million people in 2013, the second-highest number since the study began. However, the dollar amount stolen fell to $18 billion, down from $21 billion in 2012.

This reflects more aggressive actions from financial institutions, identity theft protection providers and consumers, Javelin Strategy said.

There has also been a dramatic increase in account takeover fraud in the past year. According to the findings, account takeover fraud accounted for 28 percent of all identity fraud in 2013, a new record for the second year in a row.

Fraudsters also increasingly turned to eBay, PayPal and Amazon with the stolen information to make purchases.

Check out I.I.I. information on identity theft and cyber security here.

Data Breach Opportunism

As commentators debate next steps in the wake of the Global Payments data breach disclosed two weeks ago, a perhaps surprising finding of a recent report by Verizon is that most data breaches are opportunistic.

The 2012 Verizon Data Breach Investigations Report finds that 79 percent of attacks represented in the report were opportunistic.

By opportunistic, Verizon means that the victim isn’t specifically chosen as a target. Rather, victims are identified and attacked because they exhibit a weakness the attacker knows how to exploit.

In addition, 97 percent of the attacks were avoidable, without the need for organizations to resort to difficult or expensive countermeasures.

According to Verizon, some 85 percent of targets of opportunity are organizations with fewer than 1,000 employees, and nearly three-quarters of them are in the retail/trade and accommodation/food service industries.

Verizon says this appears to support the argument that large-scale automated attacks are opportunistically hitting small to medium businesses, and POS (point of sale) systems frequently provide the opportunity.

It observes:

“Smaller organizations often do not have the knowledge or resources necessary to address flagrant weaknesses in their Internet accessible assets that cause them to be identified for opportunistic attacks.”

At the end of the report Verizon encourages readers to cut out a card listing POS security tips to give to restaurants, retailers, hotels or other establishments that they frequent.

Key tips for small businesses:

— Change administrative passwords on all POS systems; and

— Implement a firewall or access control list on remote access/administration services

Verizon adds:

“These tips may seem simple, but all the evidence at our disposal suggests a huge chunk of the problem for smaller businesses would be knocked out if they were widely adopted.”

The 2012 Verizon report spans 855 data breaches across 174 million stolen records, with the participation of law enforcement partners around the globe.

Check out I.I.I. facts and statistics on identity theft and cyber security.