If your business had a data breach from a cyber attack, you would know it, right? The fact is that many don’t, sometimes for months. Companies take an average of 280 days to identify and contain a data breach, according to the IBM 2020 Cost of a Data Breach Report. So how can you protect your data? Start by understanding the most common types of data breaches.
Ransomware Data Breach
When cyber criminals encrypt your data and demand payment to unlock it, it’s called a ransomware attack. But 2020 saw a new pattern, often called double extortion: criminals not only locked data away, but also stole a copy first, which is a data breach in its own right. The results are twofold: you need to regain access to your data AND prevent criminals from releasing it publicly or selling it on the dark web.
For most businesses, getting hit with ransomware means a sudden, and often devastatingly long, interruption in business. According to Inc., citing National Cyber Security Alliance research, as many as 60 percent of small businesses go out of business within six months of being hacked (a widely repeated figure whose source has been disputed, so treat it as a warning rather than a precise rate).
Paying the ransom doesn’t always work and is generally discouraged: there is no guarantee the decryption key will arrive or that stolen copies will be deleted. And even if you get everything back, the data breach still occurred, which can carry hefty fines and penalties for businesses in regulated industries. That’s why prevention and fast detection are so important: attacks need to be stopped before the data is accessed and exfiltrated.
Malware (The Silent Breach)
Malware is a general term for software designed to do harm. This includes ransomware, but also spyware, viruses, trojans and many others. Where ransomware announces its presence, other malware types stay silent, trying to remain undetected for months or even years while they access and steal valuable business data.
Modern malware is often modular rather than single-purpose. One component may spy on who you communicate with, another may replicate itself to spread across the network, and a ransomware component may be held back to trigger at a later date.
Most malware (including ransomware) is delivered by email (up to 94 percent according to CSO), which brings us to phishing.
Phishing is an attempt to breach your security by email (and increasingly by text message or phone call). A user receives a message that appears to be from a trusted sender but actually contains links or attachments that install malware on the user’s system, or a link to a look-alike login page that captures the user’s password.
Just a few years ago, phishing attempts were easy to spot by their poorly written content or slightly-off designs. That is no longer the case: today, it can be hard for even an expert to tell a genuine Amazon email from a phishing attempt made to look like one (or like an email from any other company that many people do business with).
Social engineering has made phishing attacks even more believable. Data gathered about you or your business from a variety of sources, including social media and your company website, gives cyber criminals the ammunition they need to trick the recipient into taking a quick action. Imagine your employee gets an email that looks like it’s from your vendor saying an (expensive) order is on the way. “If you didn’t place this order, click here to report it!” How many people on your team would even think twice before clicking?
Phishing is pervasive because it is difficult to guard against: it targets human judgment rather than a software flaw. Ongoing education and security training reduce the number of employees who click, but they are not the only defense. Layer technical controls in front of and behind the user: email authentication (SPF, DKIM and DMARC) so forged sender addresses are rejected or flagged, filtering of links and attachments, multi-factor authentication so a stolen password is not enough on its own, and a simple reporting path so the first person who notices a suspicious email can warn everyone else.
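As an added example (not code from the original page), the following Go program applies a few of the checks a mail gateway, or a suspicious employee reading the headers, would apply to the "order on the way" lure described above: does the display name borrow a trusted brand while the real sender domain is something else, does that domain merely look like the brand once digit-for-letter tricks are undone, do Reply-To and Return-Path point somewhere other than the claimed sender, and did the receiving mail server's own DMARC check fail. The two messages, every domain in them and the trusted-domain list are constructed for this example; the function names are this example's own.

```go
package main

import (
	"fmt"
	"net/mail"
	"strings"
)

// Constructed phishing message modelled on the fake "order shipped" lure.
// Domains and addresses are invented for this example.
const phishMessage = `Return-Path: <bounce@mail-notices.example>
Authentication-Results: mx.victim.example; spf=pass smtp.mailfrom=mail-notices.example; dkim=none; dmarc=fail header.from=amaz0n-orders.com
From: "Amazon Orders" <orders@amaz0n-orders.com>
Reply-To: refunds@mail-notices.example
To: ap@victim.example
Subject: Your order is on the way

If you did not place this order, click here to report it.
`

// Constructed legitimate message for comparison.
const cleanMessage = `Return-Path: <order-update@amazon.com>
Authentication-Results: mx.victim.example; spf=pass smtp.mailfrom=amazon.com; dkim=pass header.d=amazon.com; dmarc=pass header.from=amazon.com
From: "Amazon.com" <order-update@amazon.com>
To: ap@victim.example
Subject: Your order is on the way

Your order has shipped.
`

// domainOf returns the lowercased domain part of an address such as a@b.com.
func domainOf(addr string) string {
	i := strings.LastIndex(addr, "@")
	if i < 0 {
		return ""
	}
	return strings.ToLower(addr[i+1:])
}

// normalize undoes common look-alike substitutions so "amaz0n" compares as "amazon".
func normalize(domain string) string {
	r := strings.NewReplacer("0", "o", "1", "l", "3", "e", "5", "s", "rn", "m")
	return r.Replace(strings.ToLower(domain))
}

// PhishFindings parses a raw message and returns the warning signs it carries.
func PhishFindings(raw string, trusted []string) ([]string, error) {
	msg, err := mail.ReadMessage(strings.NewReader(raw))
	if err != nil {
		return nil, err
	}
	from, err := mail.ParseAddress(msg.Header.Get("From"))
	if err != nil {
		return nil, fmt.Errorf("bad From header: %w", err)
	}
	fromDomain := domainOf(from.Address)
	var findings []string

	for _, t := range trusted {
		if fromDomain == t {
			continue // genuinely from the trusted domain
		}
		brand := strings.SplitN(t, ".", 2)[0] // "amazon" from "amazon.com"
		// A trusted brand in the display name but not in the real sender domain.
		if strings.Contains(strings.ToLower(from.Name), brand) {
			findings = append(findings, fmt.Sprintf("display name %q claims %s but sender domain is %s", from.Name, t, fromDomain))
		}
		// A domain that only resembles the brand once digit/letter tricks are undone.
		if strings.Contains(normalize(fromDomain), brand) {
			findings = append(findings, fmt.Sprintf("look-alike domain %s resembles %s", fromDomain, t))
		}
	}
	// Replies and bounces going somewhere other than the claimed sender.
	for _, h := range []string{"Reply-To", "Return-Path"} {
		if v := msg.Header.Get(h); v != "" {
			if a, err := mail.ParseAddress(v); err == nil && domainOf(a.Address) != fromDomain {
				findings = append(findings, fmt.Sprintf("%s domain %s differs from From domain %s", h, domainOf(a.Address), fromDomain))
			}
		}
	}
	// The receiving mail server's own verdict on SPF/DKIM/DMARC.
	if ar := strings.ToLower(msg.Header.Get("Authentication-Results")); strings.Contains(ar, "dmarc=fail") {
		findings = append(findings, "DMARC check failed for the From domain")
	}
	return findings, nil
}

func main() {
	trusted := []string{"amazon.com"}
	for _, m := range []struct{ name, raw string }{{"phish", phishMessage}, {"clean", cleanMessage}} {
		f, err := PhishFindings(m.raw, trusted)
		if err != nil {
			fmt.Println(m.name, "error:", err)
			continue
		}
		fmt.Printf("%s: %d warning sign(s)\n", m.name, len(f))
		for _, s := range f {
			fmt.Println("  -", s)
		}
	}
}
```

Run as written, the constructed phishing message produces five warning signs and the clean one produces none. None of these checks is proof on its own (plenty of legitimate mail uses a third-party bounce domain), which is why they are best used to flag a message for a second look or to route it past a stricter filter, not to replace user training.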
Denial of Service (DoS) Attack
While not technically a data breach, denial of service (DoS) attacks need to be on your radar. In a DoS attack, attackers try to cripple or shut down a machine or network. One way is to flood your server with so many requests that it slows to a standstill; another is to exploit a vulnerability that crashes the system outright.
A distributed denial of service (DDoS) attack is especially hard to stop because the flood comes from many compromised machines at once (a botnet), so there is no single source to block and the combined traffic can be far larger than one attacker could generate alone.
Non-Malicious Data Breach
Not every data breach involves a cyber attack. Sometimes employees access data they’re not authorized to handle, send it to the wrong recipient, or leave a device where it can be lost or stolen. Depending on your industry, any of these could be a reportable breach carrying penalties or fines.
Malicious Internal Breach
This one has a lot of names, but they all come down to one thing: Someone inside your organization purposely steals or exposes your data. Names include various combinations of these terms: criminal, malicious, insider, internal, employee, threat and/or breach.
There are, of course, many reasons an employee (or vendor) could become an internal threat. But in the big picture of cyber crime, malicious internal breaches make up a minority of cases.
Protecting Your Business From a Data Breach
It comes down to prevention and detection. Prevent cyber criminals from gaining access to your business in four main areas:
- Cyber security planning and documentation. You need to have an IT policy that clearly states your expectations for your team. Include the need to keep personal and professional data separate, how to use computers securely, who to notify of potential threats and more.
- Ongoing training and support by cyber security professionals. When you and your employees understand how cyber thieves try to access your network, the thieves’ chance of success drops significantly. Developing an internal culture of cyber security will protect you from external and internal threats, whether malicious or accidental.
- Encrypt and limit access to sensitive data. Encryption, put simply, means that data is scrambled before it is stored and cannot be unscrambled without a specific key. Even if encrypted data is physically stolen (a lost laptop, a copied backup), it is unusable to the thief without the key. Two caveats: the key must be stored separately from the data, because a key saved next to the files it protects gives no protection at all, and encryption does nothing against an attacker who logs in with a stolen but valid password, because the system decrypts the data for them. So even when data is encrypted, make sure the only people in your company with access to sensitive data are those who need it and have been trained on safe handling.
- Don’t go it alone. The cyber threat landscape exploded in 2020 and is expected to continue to expand in 2021. It is no longer practical for most businesses to handle cyber security entirely on their own, especially small to medium-sized businesses that can’t afford a large internal IT team. The right provider can help you build your defenses and stay on top of the ever-changing IT terrain.
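To make the encryption point above concrete, here is an added example (not code from the original page) in Go using AES-256-GCM, an authenticated mode that both scrambles the data and detects tampering. It shows what a thief actually gets: the key holder reads the record back, a different key is refused outright, and a blob with a single flipped bit is refused rather than decrypted into garbage. The function names, the sample record and the in-memory key handling are this example's own assumptions; in production the key would come from a key management service or hardware module rather than be generated beside the data.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Encrypt scrambles plaintext with AES-256-GCM under a 32-byte key.
// A fresh random 12-byte nonce is prepended to the output; Seal appends
// an authentication tag so any later tampering is detected on decrypt.
func Encrypt(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// Decrypt reverses Encrypt. With the wrong key or an altered blob it
// returns an error instead of returning garbage.
func Decrypt(key, blob []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	nonce, ct := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, nil)
}

// NewKey returns a random 256-bit key. In real use it lives in a key
// management service or hardware module, never on the same disk or in
// the same backup as the data it protects.
func NewKey() ([]byte, error) {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	return key, nil
}

// Demonstrate reports whether the key holder can read the record, whether
// a thief holding a different key is refused, and whether a blob with one
// flipped bit is refused.
func Demonstrate() (readable, wrongKeyRefused, tamperRefused bool, err error) {
	// Constructed sample record; not real customer data.
	record := []byte(`{"customer":"Jane Example","ssn_last4":"6789"}`)
	key, err := NewKey()
	if err != nil {
		return
	}
	blob, err := Encrypt(key, record)
	if err != nil {
		return
	}
	got, err := Decrypt(key, blob)
	if err != nil {
		return
	}
	readable = string(got) == string(record)

	thiefKey, err := NewKey()
	if err != nil {
		return
	}
	_, openErr := Decrypt(thiefKey, blob)
	wrongKeyRefused = openErr != nil

	tampered := append([]byte(nil), blob...)
	tampered[len(tampered)-1] ^= 0x01 // flip one bit of the authentication tag
	_, openErr = Decrypt(key, tampered)
	tamperRefused = openErr != nil
	return
}

func main() {
	readable, wrongKey, tamper, err := Demonstrate()
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	fmt.Println("key holder can read record:", readable)
	fmt.Println("wrong key refused:", wrongKey)
	fmt.Println("tampered blob refused:", tamper)
}
```

The nonce must never repeat under the same key, which is why it is drawn fresh from crypto/rand for every record; the tag check is what turns "unreadable without the key" into "also unmodifiable without the key", so a thief cannot quietly alter a stored record either.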