The number of cyber-attacks against businesses grows every year, with 2019 likely to see record numbers already. While it is not good news that businesses continue to suffer from attacks, the number of reported incidents in the news does at least provide savvy organizations with learning opportunities to avoid making the same mistakes. Here are five key learnings from high-profile cyber-attacks this year-to-date.
Secure your databases properly
In April, Canadian telecommunications firm Freedom Mobile suffered a breach when an unprotected database was exposed, leaking sensitive personal and financial data relating to over five million customers. Incredibly, the data was left online unencrypted and without password protection.
And this is far from the only example of poor database security in 2019, with many organizations repeatedly making fundamental errors. Despite much publicity over the last two years, for instance, hackers continue to target MongoDB databases that aren’t securely configured.
Businesses of all sizes need to take database security seriously. Ensure that an admin password is set and that data has been encrypted correctly.
Don’t forget cloud security
Sadly, many businesses utilizing cloud solutions and services are unaware or unsure about their obligation to protect the data that they upload to public and private cloud environments. The major cloud security providers operate a shared responsibility model, whereby the service provider manages the security of the infrastructure, and organizations protect the applications and data they upload to it. A large number of organizations, however, are unaware of this.
Businesses must take appropriate steps to improve their overall cloud security – 2019 has seen many attacks that specifically target businesses that operate in the cloud. A good example of this is the exposure of more than 540 million Facebook user records due to poorly configured Amazon Web Services S3 buckets.
There has also been a rise in the number of attacks targeting software-as-a-service (SaaS) platforms such as Office 365. As these platforms grow in popularity, they become a bigger target for cybercriminals.
Assess your website and applications regularly
Websites and web applications continue to be routinely targeted due to the sensitive and financial data that they process. In fact, recent research indicates that issues with web applications are the cause of up to 73 percent of breaches. This puts an onus on companies to conduct regular penetration testing to help identify and address vulnerabilities concerning such as authentication errors and code injection.
BitNinja is able to patch well-known vulnerabilities, and the Web Application Firewall (WAF) module is designed to provide a wide variety of options in order to finetune the level of protection of a site.
More frequent pen testing may have helped more organizations from falling victim to the Magecart attack, in which criminals injected skimming scripts into websites and scraped the payment details of customers.
Given the potential for any business that stores data to be targeted, it is vital that your business should invest in penetration testing to help reduce the risk of suffering a data breach.
Test your incident response plan
It is important to have an incident response plan so that employees know what to do in the event of a cyber-attack taking place – but if you don’t take the time to test it properly, then you run the risk that plans won’t be effective.
Drinks business Arizona Beverages found itself in the above situation after it suffered a huge ransomware attack in March. The day after the attack took place, IT staff at the company realized its backup system had been incorrectly configured which meant it was impossible for them to quickly retrieve data and restore operations. Instead, the company had to spend a huge amount of money on cybersecurity specialists to deal with the issue for them – an expenditure that could easily have been avoided.
As with all forms of cybercrime, prevention is better than cure. Of course, it is important for organizations to have a great incident response plan, but it is even more crucial to work with proactive cybersecurity measures in order to minimize the need for one.
Invest in user training
A huge number of breaches occur due to errors made by employees, such as opening malicious emails or attachments. Deceiving employees is often a fast and effective way to gain access to systems, and cybercriminals are continuously devising new ways to do it.
Even huge organizations continue to be caught out. Earlier this year, Indian IT services business Wipro suffered a high-profile phishing attack that managed to trick employees – demonstrating that organizations of all sizes needed to continually invest in cyber awareness programs to encourage best security practice and help employees to identify the tell-tale signs of attacks.
It is important to note that the recurring theme from these cyberattacks is that businesses need to take the issue of cybercrime seriously. It is important for organizations of all sizes to invest in best practice defensive measures, and proactive cybersecurity platforms in order to minimize the risks.
This article was written by Chester Avey, who has over a decade of experience in cybersecurity. He enjoys sharing his knowledge with other like-minded professionals through his writing. Find out what else Chester has been up to on Twitter: @Chester15611376.