Data compromises have increased every month this year except May.
If this trend continues, or even if new compromises average 141 per month over the next six months, the total will still surpass the previous high of 1,632 breaches from 2017.
These were among the findings of the nonprofit Identity Theft Resource Center’s (ITRC) latest data breach analysis report, which found that publicly reported U.S. data breaches rose 38% in the second quarter of 2021, to a total of 491 compromises, compared with the first quarter.
Phishing, ransomware and supply chain attacks
The rise in phishing, ransomware and supply chain attacks is driving the accelerating pace of data compromise and is the key contributor to an overall record year of data breaches, data loss and data leaks.
However, the report found that the number of victims – 118.6 million – represents only 38% of the total number of people affected by data compromises in 2020. If the trend continues, 2021 could see the lowest number of people affected by data compromises since 2014.
“Simply put, cybercriminals don’t have to steal as much information as they have in the past to launch phishing and ransomware attacks,” said James E. Lee, ITRC’s chief operating officer. “In recent years, identity thieves have relied less on stealing the masses of information needed to attack individuals than on what they steal and the companies they target.”
He noted that despite the decline in the number of victims, the risk of identity crimes for those affected by violations and compromises is real and can be devastating.
Three important steps to take to counter threats
From Lee’s point of view, there are three key measures that every company must take to counter these threats: The first is to speed up the patching process for known software bugs and to implement an ongoing penetration test program.
“You don’t have weeks or months to avoid attacking a known bug; you have days to hours,” Lee warned. “With a few tools, you can apply virtual patches in minutes. Use them. And you need to constantly look for zero-day bugs and other loopholes in your software and security logs. The cyber criminals are – so should you.”
Second, after patching your software, you will need extensive backups. As Lee noted, if you don’t have good backups and you fall victim to a ransomware or malware attack, restoring your data is no longer an option.
The third action focuses on training your teams to spot phishing attempts, the leading cause of data breaches today.
“Not just a few team members and not just in reorienting the employees; cyber criminals are constantly evolving their tactics, and your teams need to know what to look for as a signal of attack when new exploits and vectors emerge,” said Lee. “Routine training is important and ensures that everyone in a company knows that cybersecurity is a personal responsibility.”
Another thing Lee asked companies to consider: Are you collecting too much personal information?
“Cyber criminals can’t take what you don’t have,” he added.
Despite the fact that companies are spending more money than ever on cybersecurity and privacy, there is no one hundred percent foolproof way to prevent every data breach, ransomware, or phishing attack.
As Lee puts it, corporate and government cybersecurity teams are largely outdone by the sheer number of threat actors and have to operate by a set of rules that do not apply to their cybercriminal adversaries.
Lee said there are still too many companies that think it is “cheaper to pay the fine” than to invest in proper data security and privacy controls.
“Even the most responsible companies are subject to innovative exploits, as we saw just last week, because the tools most companies use are based on outdated approaches – whitelisting, blacklisting, pattern matching, heuristics – or they weren’t designed with anticipation of emerging attack styles,” he said.
Security professionals now face attack vectors based on the efforts of threat actors who have the time and resources to reverse engineer and break into mainstream software in ways that even OEMs don’t.
“As a result, we’re seeing attacks that take advantage of more zero-days that have escaped the development process,” said Lee.
Also on the rise are exploitable daisy chains of medium- and low-severity vulnerabilities, a threat that often falls below the alert threshold of many organizations that prioritize patches based on CVSS scores, with a lower score corresponding to a lower priority.
“In other words, we are using old weapons to fight new battles against a well-organized and well-armed enemy,” he said.
Lee said that the current data breach statistics paint a picture of the present and the near future in which cybercriminals continue to change their tactics as the cybersecurity community catches up. What was lost in most of these discussions, he said, is the fact that every data breach and cybersecurity attack has a real impact on a person.
“As threat actors become more aggressive in their actions, the impact is likely to continue to expand beyond the risks of harm and the inconvenience of the actual harm,” he said.
source https://collegeeducationnewsllc.com/phishing-ransomware-driving-wave-of-data-breaches/