Data is big, data is valuable and data is trouble. In 2014, the Breach Level Index recorded that over one billion records had been breached, an increase of 78% over 2013. And 2015 is seeing similar levels – the first 2 quarters of the year each seeing a loss of almost 340 million records.
By United Security Providers
2. SUMMARY
1. Introduction
2. The What, Why and Wherefore of Data Loss
3. How Do Cybercriminals Steal Data ?
4. How the Loss of Company Data Affects your Business
5. How to Protect your Company Data
Page 2Cybersecurity
3. 1. INTRODUCTION
Page 3Cybersecurity
Data is big, data is valuable and data is trouble.
Data loss affects all of us, as individuals and within an
organization. It affects all types of companies no
matter what size they are.
Data loss and theft are the most common types of
cybercrime according to PWC.
The UK is the worst hit nation in Europe with 93% of
large UK organizations reporting a breach in 2013.
78%
more breaches have been
recorded in 2014
by Breach Level Index.
340 million
breaches have been
recorded in the first
two quarters of 2015.
4. 1. INTRODUCTION
Page 4Cybersecurity
Data loss and theft are the most common types
of cybercrime according to PWC.
The top four types of security incidents are:
Computer records compromised
Employee records compromised
Loss or damage of internal records
Loss of intellectual property
According to report from the Global State of Information Security 2016.
5. Cybersecurity
1. INTRODUCTION
5
One of the biggest and most far reaching was the health care insurance provider
Anthem, where a breach in late 2014 impacted almost 80 million customer records.
Carphone Warehouse and partner Experian lost the personal data
of 2.4 million customers.
2015 was a year marked by high levels of data loss and theft.
All market sectors are being targeted and there are many examples
within the healthcare, financial and government sectors.
In Germany almost 18 million personal details of German citizens
were stolen from the server of German Bundestag
6. Cybersecurity
2. THE WHAT, WHY AND WHEREFORE OF DATA LOSS
6
Price Waterhouse Coopers estimated that the loss of trade secrets (IP) may be as high as
$2.2 trillion annually. Over the same period, they found that IP theft increased by 56%
in 2015.
Cyberespionage / Intellectual Property theft
Company financial details
There are a number of methods that are used to obtain access to company bank
accounts. One example is shown in a recent FBI warning about company bank fraud,
perpetrated by business email account being compromised.
7. Cybersecurity
2. THE WHAT, WHY AND WHEREFORE OF DATA LOSS
7
This is becoming an increasing problem as PII is being used for web services as a method
of identification and for identity assurance purposes.
This means that once an individual’s personal information is out for sale on the
cybercrime black market, it can be used for other attacks as was seen in the IRS exploit.
Personally Identifying Information - PII / identity theft
Data records
Data records are distinct from PII and can contain proprietary company information or
items such as medical scans and so on.
Stolen records can go onto the black market, fetching hundreds of dollars per record. The
average cost of a health record, for example is $363.
8. Cybersecurity
3. HOW DO CYBERCRIMINALS STEAL DATA?
8
Tactics used
to exploit
information
Advanced Persistent
Threat (APT)
Phishing and spear
phishing
Insider Threat
Malware
9. Cybersecurity
3. HOW DO CYBERCRIMINALS STEAL DATA?
9
This takes the form of a long lasting and slow exfiltration of data. It is most
commonly used to extract proprietary information, such as intellectual property.
An example of such an attack was performed on Google in 2009.
In this attack, nicknamed « Operation Aurora », it was alleged that Chinese
hackers (possibly government sponsored) were behind the attack on the company’s
intellectual property.
The APT was a typical attack where malware used a software vulnerability,
known as a zero day exploit, which is where a software vulnerability is unknown to
the vendor and therefore remains vulnerable.
The malware then sent data back to a « command and control » center operated by
hackers. APT’s can lay undetected for long periods, during which time they send
stolen information back to the central command center.
Advanced Persistent Threat (APT)
10. Cybersecurity
3. HOW DO CYBERCRIMINALS STEAL DATA?
1
0
Phishing is one of the most popular methods
of getting malware onto a computer.
It was estimated in a report « State of the
Phish » that in 2013-14, 95% of all
cyberespionage attacks and 80% of all malware
infections originated in a phishing or spear
phishing email.
Once infected, malware or spoof websites are
used to exfiltrate data, including login
credentials for company resources such as
databases.
Phishing and spear phishing
11. Cybersecurity
3. HOW DO CYBERCRIMINALS STEAL DATA?
1
1
This type of threat covers a gamut of issues,
both malicious and non-malicious.
Simple loss of data due to carelessness is a
continuing problem for companies.
Simple mis-delivery of emails, for example,
causes up to 44% of data disclosure errors
according to a Verizon report.
Insider threat
12. Cybersecurity
3. HOW DO CYBERCRIMINALS STEAL DATA?
1
2
One particularly sinister form of malware is ransomware.
This is where the malware encrypts your data, not only on your hard drive, but
potentially out into the network and even Cloud storage.
Once encrypted the cybercriminal presents a screen asking for money and if you
pay up they « promise » to decrypt the data.
Ransomware has exploded recently, up by 165% according to McAfee. And the costs
for this type of malware, alone, were around $18 million in 2014.
Malware
13. Cybersecurity
4. HOW THE LOSS OF COMPANY DATA AFFECTS YOUR BUSINESS
1
3
Loss of data isn’t just about the financial
implications of the loss. It also affects your
company brand and reputation.
And fines for non-compliance when customer
records and PII are stolen are becoming more
common place and also affect company
directors.
And data protection laws, which exist in most
countries, are applied to company directors
resulting in large fines.
14. Cybersecurity
4. HOW THE LOSS OF COMPANY DATA AFFECTS YOUR BUSINESS
1
4
In the UK the Ministry of Justice was fined £180,000 for the loss of almost
19,000 prison records when an unencrypted and non-password protected
portable hard drive went missing.
In the USA, the Target breach of late 2013 which saw the loss of around 40
million customer card details and 70 million customers PII, resulted in a
suite of class actions against the company.
The U.S. Federal Trade Commission has a specific clause in their Act for Unfair or
Deceptive Acts or Practices, which allows them to go after the directors of a
company who haven’t used sufficient protection to prevent a loss of
customer data.
15. Cybersecurity
5. HOW TO PROTECT YOUR COMPANY DATA
1
5
There are mechanisms and tools that can help you minimize the risks coming your way
from cybercriminals and even from accidental data loss by employees.
Understand how your data flows within your organization – both
internally and with the outside world, especially via the Internet.
Mapping your data flows is a fundamental part of your security
strategy and will allow you to create a game plan for data protection.
Take the form of employee education, to allow, for example a
person to recognize a phishing attempt.
Using the right tools for the job is also an integral part of your
overall security strategy for data protection.
Protecting application and data access - many data breaches
start with the loss or theft of credentials.