By: Nihad Hassan
August 17, 2021
Four Common Types Of Security Breaches And How To Mitigate Them
The number of cyberattacks is increasing daily. The accelerated adoption of digital technology in all aspects of life has shifted a significant portion of crime to cyberspace. According to Cybersecurity Ventures, global cybercrime damage costs are projected to reach 10.5 trillion annually by 2025.
Nowadays, organizations of all sizes and across all industries utilize digital technology to simplify work operations and improve work efficiencies. People are increasingly using the internet for different reasons, such as studying, work, entertainment, online banking, and shopping. The sum of people’s interactions with technology generates a large volume of digital data. A good portion of this data is personal information.
Personal information has great value for cybercriminals. For example, breached data is typically sold on darknet markets such as those hosted on the Tor anonymity network. Stolen credit card information can be used in different scenarios, for example, to conduct fraud, impersonate victims, and steal their money.
A security breach is an incident where cybercriminals successfully infiltrate the security defenses of the target organization and gain unauthorized access to its network, data, applications, and other IT resources. Many people use the terms “security breach” and “data breach” interchangeably, which is inaccurate. For instance, a data breach will compromise a target organization’s sensitive data, while a security breach will give hackers unauthorized access to protected resources without breaching stored data.
This article will shed light on the four most prominent types of security breaches and how to mitigate them.
Types of Security Breaches
Denial-of-service attack or Distributed Denial-of-service attack
A distributed denial-of-service (DDoS) attack attempts to make an online service unavailable by overwhelming it with traffic from multiple sources. Adversaries build a network of compromised devices, known as bots, which together form a botnet controlled by a botmaster. Once a target is chosen, the botmaster instructs the botnet (which may contain thousands or even millions of devices) to flood the target with false traffic, exhausting the target's network resources and causing a denial of service. Although DDoS attacks are not considered a data breach on their own, cybercriminals use them to distract the target's security defenders, making them unable to spot other attacks occurring behind the scenes.
Social Engineering Attacks
A social engineering (SE) attack uses psychological tricks to convince a person to reveal sensitive information, such as login credentials, to the attacker.
There are different types of SE attacks, and we can broadly group them into internet-based and physical-based (conducted in person).
Internet-based SE attacks are the most prevalent due to the increased adoption of information technology everywhere. Attackers utilize email, social media posts, and internet chat applications to lure their victims into handing over sensitive information.
Phishing emails are the most common type of SE. They are designed to look as if they originated from a trusted and legitimate entity, such as your bank, a government agency, or a social media website where you have an account. The technique used in phishing emails varies. For example, they may ask recipients to update their information with their bank or to update their password to avoid losing access to their email account. Some phishing emails contain malicious links that lead the victim to a compromised website hosting an exploit kit. Others contain malicious attachments that install malware on the victim’s computing device once opened.
Traditional passwords are still the primary method used for authenticating users against various online services and applications. However, stolen passwords are also considered the main cause of data breaches worldwide. According to the Verizon Data Breach Investigations Report, 81% of hacking-related breaches leveraged either stolen or weak passwords.
Password reuse is still the primary security problem. According to a 2019 security survey conducted by Google, 65% of people reuse the same password for multiple or all accounts. Many employees use the same password to protect their work account and other personal online accounts (such as Facebook and private email). If their private account credentials were exposed as a result of a data breach, all their accounts utilizing the same password would get compromised as well.
Another issue concerning password security is using weak passwords that are easy to crack (using a brute-force attack). A perfect password must contain at least 11 characters and include a combination of letters, numbers, and at least one symbol.
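As an added example (not part of the original article), the check below runs when a user sets a password: it enforces the composition rule above and also rejects passwords already exposed in a breach, which the composition rule alone does not catch. The leaked-password sample and the function names are constructed for illustration.

```python
import hashlib
import string

MIN_LENGTH = 11  # minimum length stated in the article

# Constructed sample data: passwords assumed to have leaked in a breach of a
# personal account. Breach corpora are usually distributed as hashes.
_LEAKED_SAMPLE = ("Summer2021!Beach", "password123", "qwerty")
BREACHED_SHA1 = {hashlib.sha1(p.encode("utf-8")).hexdigest() for p in _LEAKED_SAMPLE}


def composition_violations(password: str) -> list:
    """Return the parts of the article's composition rule the password fails."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not any(c.isalpha() for c in password):
        problems.append("no letter")
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if not any(c in string.punctuation for c in password):
        problems.append("no symbol")
    return problems


def seen_in_breach(password: str, corpus: set = BREACHED_SHA1) -> bool:
    """True if the password's SHA-1 is in the corpus.

    SHA-1 is only the lookup key for the corpus here; it is not a way to
    store user passwords.
    """
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest()
    return digest in corpus


def check_new_password(password: str) -> list:
    """Reasons to reject a password at set/change time; empty list = accept."""
    reasons = composition_violations(password)
    if seen_in_breach(password):
        reasons.append("appears in breach corpus (reused or leaked)")
    return reasons


if __name__ == "__main__":
    for candidate in ("qwerty", "Summer2021!Beach", "violet-Harbor-42-kettle"):
        print(f"{candidate!r}: {check_new_password(candidate) or 'accepted'}")
```

The second candidate satisfies the length and character rules yet is still rejected, because a reused password that leaked elsewhere is known to attackers regardless of its composition.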
Different forms of malware are mainly utilized to open a gap in the target's security defenses, gain unauthorized access, and exploit target devices and all connected systems.
The best-known type of malware is ransomware. It encrypts the target device's system files and personal data and demands a ransom, usually paid in Bitcoin, to remove the restriction.
Defending against security breaches
There are various countermeasures to mitigate cyber-attacks. The following list covers the most critical ones:
- Install security software on network and endpoint devices. Firewalls, IDS/IPS, antivirus, and antimalware tools can help you detect and stop many threats before they infect your internal systems and network.
- Use two-factor authentication (2FA) to mitigate common password security problems such as password reuse and weak passwords.
- Segment your network and make sure to put all sensitive data in one segment. Prevent remote employees from accessing sensitive information using their computing devices.
- Enforce different IT security policies concerning data privacy, such as data classification, data destruction, and retention policies.
- Encrypt all sensitive data, both on-premises and in the cloud.
- Ensure you train your employees about different cybersecurity attacks and countermeasure techniques. End-user cybersecurity training is still the primary defense strategy for any organization.
- Adopt the latest technological solutions to protect sensitive data, such as zero-trust network and adaptive security.
The number of cyberattacks is increasing rapidly, and there is no sign of slowing down soon. Cyber attackers are utilizing different attack methods and techniques to infiltrate the target network. This article shed light on the most prominent security breaches and suggested general countermeasures to stop them.