What Cybercriminals Want: Company Data

Extremely secure

SUMMARY

1. Introduction2. The What, Why and Wherefore of Data Loss3. How Do Cybercriminals Steal Data ?4. How the Loss of Company Data Affects your Business5. How to Protect your Company Data

Page 2Cybersecurity

1. INTRODUCTION

Page 3Cybersecurity

Data is big, data is valuable and data is trouble.

Data loss affects all of us, as individuals and within an organization. It affects all types of companies no matter what size they are.

Data loss and theft are the most common types of cybercrime according to PWC.

The UK is the worst hit nation in Europe with 93% of large UK organizations reporting a breach in 2013.

78%more breaches have been

recorded in 2014 by Breach Level Index.

340 millionbreaches have been recorded in the first two quarters of 2015.

1. INTRODUCTION

Page 4Cybersecurity

Data loss and theft are the most common types of cybercrime according to PWC.

The top four types of security incidents are:

Computer records compromised Employee records compromised Loss or damage of internal records Loss of intellectual property

According to report from the Global State of Information Security 2016.

Cybersecurity

1. INTRODUCTION

5

One of the biggest and most far reaching was the health care insurance provider Anthem, where a breach in late 2014 impacted almost 80 million customer records.

Carphone Warehouse and partner Experian lost the personal dataof 2.4 million customers.

2015 was a year marked by high levels of data loss and theft.All market sectors are being targeted and there are many exampleswithin the healthcare, financial and government sectors.

In Germany almost 18 million personal details of German citizens were stolen from the server of German Bundestag

Cybersecurity

2. THE WHAT, WHY AND WHEREFORE OF DATA LOSS

6

Price Waterhouse Coopers estimated that the loss of trade secrets (IP) may be as high as $2.2 trillion annually. Over the same period, they found that IP theft increased by 56% in 2015.

Cyberespionage / Intellectual Property theft

Company financial details

There are a number of methods that are used to obtain access to company bank accounts. One example is shown in a recent FBI warning about company bank fraud, perpetrated by business email account being compromised.

Cybersecurity

2. THE WHAT, WHY AND WHEREFORE OF DATA LOSS

7

This is becoming an increasing problem as PII is being used for web services as a method of identification and for identity assurance purposes.

This means that once an individual’s personal information is out for sale on the cybercrime black market, it can be used for other attacks as was seen in the IRS exploit.

Personally Identifying Information - PII / identity theft

Data records

Data records are distinct from PII and can contain proprietary company information or items such as medical scans and so on.

Stolen records can go onto the black market, fetching hundreds of dollars per record. The average cost of a health record, for example is $363.

Cybersecurity

3. HOW DO CYBERCRIMINALS STEAL DATA?

8

Tactics used to exploit

information

Advanced Persistent Threat (APT)

Phishing and spear phishing

Insider Threat

Malware

Cybersecurity

3. HOW DO CYBERCRIMINALS STEAL DATA?

9

This takes the form of a long lasting and slow exfiltration of data. It is most commonly used to extract proprietary information, such as intellectual property.

An example of such an attack was performed on Google in 2009.

In this attack, nicknamed « Operation Aurora », it was alleged that Chinese hackers (possibly government sponsored) were behind the attack on the company’s

intellectual property.

The APT was a typical attack where malware used a software vulnerability, known as a zero day exploit, which is where a software vulnerability is unknown to

the vendor and therefore remains vulnerable.

The malware then sent data back to a « command and control » center operated by hackers. APT’s can lay undetected for long periods, during which time they send

stolen information back to the central command center.

Advanced Persistent Threat (APT)

Cybersecurity

3. HOW DO CYBERCRIMINALS STEAL DATA?

10

Phishing is one of the most popular methods of getting malware onto a computer.

It was estimated in a report « State of the Phish » that in 2013-14, 95% of all cyberespionage

attacks and 80% of all malware infections originated in a phishing or spear phishing email.

Once infected, malware or spoof websites are used to exfiltrate data, including login

credentials for company resources such as databases.

Phishing and spear phishing

Cybersecurity

3. HOW DO CYBERCRIMINALS STEAL DATA?

11

This type of threat covers a gamut of issues, both malicious and non-malicious.

Simple loss of data due to carelessness is a continuing problem for companies.

Simple mis-delivery of emails, for example, causes up to 44% of data disclosure errors

according to a Verizon report.

Insider threat

Cybersecurity

3. HOW DO CYBERCRIMINALS STEAL DATA?

12

One particularly sinister form of malware is ransomware.

This is where the malware encrypts your data, not only on your hard drive, but potentially out into the network and even Cloud storage.

Once encrypted the cybercriminal presents a screen asking for money and if you pay up they « promise » to decrypt the data.

Ransomware has exploded recently, up by 165% according to McAfee. And the costs for this type of malware, alone, were around $18 million in 2014.

Malware

Cybersecurity

4. HOW THE LOSS OF COMPANY DATA AFFECTS YOUR BUSINESS

13

Loss of data isn’t just about the financial implications of the loss. It also affects your company brand and reputation.

And fines for non-compliance when customer records and PII are stolen are becoming more common place and also affect company directors.

And data protection laws, which exist in most countries, are applied to company directors resulting in large fines.

Cybersecurity

4. HOW THE LOSS OF COMPANY DATA AFFECTS YOUR BUSINESS

14

In the UK the Ministry of Justice was fined £180,000 for the loss of almost 19,000 prison records when an unencrypted and non-password protected portable hard drive went missing.

In the USA, the Target breach of late 2013 which saw the loss of around 40 million customer card details and 70 million customers PII, resulted in a suite of class actions against the company.

The U.S. Federal Trade Commission has a specific clause in their Act for Unfair or Deceptive Acts or Practices, which allows them to go after the directors of a company who haven’t used sufficient protection to prevent a loss ofcustomer data.

Cybersecurity

5. HOW TO PROTECT YOUR COMPANY DATA

15

There are mechanisms and tools that can help you minimize the risks coming your way from cybercriminals and even from accidental data loss by employees.

Understand how your data flows within your organization – both internally and with the outside world, especially via the Internet.

Mapping your data flows is a fundamental part of your security strategy and will allow you to create a game plan for data protection.

Take the form of employee education, to allow, for example a person to recognize a phishing attempt.

Using the right tools for the job is also an integral part of your overall security strategy for data protection.

Protecting application and data access - many data breaches start with the loss or theft of credentials.

company/united-security-providers

companies/unitedsecurityprovidersag

https://www.united-security-providers.ch