Online users are more concerned about their online privacy than ever before. Attackers, however, are even more invested: the financial draw of breaking into and extorting online accounts has risen to an all-time high, with recent research showing 14 accounts are breached every single second. Defending data security has never been of greater importance.
The Growth of Global Data Breaches
In the third quarter of 2022, a total of 108.9 million online accounts were breached. This sobering number represents a 70% increase over the previous quarter of the year. The global distribution of these breaches has always been US-heavy, with the US remaining the most-breached country for the last 10 years, but this trend has undergone a major reversal this year. Russia is now the most-breached country, with the number of breached accounts rising at a breakneck pace. Since February 2022, the number of breached Russian accounts has consistently increased by 136% every month.
Following the political trend, Belarus has also seen explosive growth in breaches, rising to 19th position worldwide with a quadruple growth in cases. Ukraine, on the other hand, has actually experienced a 14% drop in breached users.
For countries not overtly engaged in global warfare, the news is still dire. Medibank, one of Australia’s largest health insurance providers, recently admitted that an unauthorized party accessed – and stole – the personal data of almost all of its customer base. After the company inadvertently leaked the private medical data of almost 4 million Australians, its stock price crashed by 14%, the biggest one-day dip on record.
In the US, Shein’s parent company has recently been fined $1.9 million for not only exposing the personal information of over 39 million customers, but also failing to fully disclose the size, scale and severity of the breach. This personal information included email addresses, home locations, and credit card information. When the leak was first discovered, Zoetop only admitted to the breach of 6 million accounts, and failed to confirm whether credit card info was also stolen. As a result, this highly sensitive information was likely funneled directly into dark web marketplaces.
The information that data breaches bleed onto the dark web greatly harms customers and organizations alike. This identifiable information helps build powerful, multifaceted attacks. Whether to fund criminal activities via credit card fraud, or enable the launch of deceitful phishing attacks, data leaks are the bullets that keep ricocheting long after their discovery.
The Causes and Costs of a Data Breach
Accounts aren’t breached simply for financial profit: there are often underlying secondary motivations and causes.
Traditional security measures prefer to focus on external threats, but the modern reality is that human error is a vital component of data breaches. IBM’s 2022 data breach report found that human error is actually one of the single largest causes of critical infrastructure breaches, being the driving cause behind 22% of all recorded breaches. Insider threats are dangerous precisely because the insiders may not understand the full extent of the damage they can cause.
While innocent network users can cause immense amounts of damage, malicious actors represent highly knowledgeable, targeted threats. Stolen or compromised credentials go hand-in-hand with collateral phishing attacks. According to IBM’s report, phishing attacks enjoyed the longest lifecycle, with it taking 243 days on average to identify a data breach. The stealthiness and effectiveness of phishing attacks are due in large part to the increasingly splintered workforce. The rise in home and hybrid working has seen a parallel trend of communication occurring primarily over email and productivity apps. This makes it far harder for employees or colleagues to authenticate who is asking for various information. Phishing now allows an attacker to digitally blend in with colleagues, commit account takeover, and run off with highly sensitive data. The average cost of phishing attacks now vastly exceeds others, with each breach costing an average of $4.91 million.
How to Protect From the Tidal Wave of Breaches
Data security can seem like a wishy-washy term. To set our sights on the achievable, data security is defined as the process of securing corporate data and preventing unauthorized access that leads to data loss. This definition is broad enough to include attacks that threaten to eradicate or encrypt data against you, such as wipers or ransomware. Data security is not only about defense, either: the other side of the coin entails making sure the data is available to particular authorized members of your organization. This forms the foundation of zero-trust architecture.
Data breaches can be prevented via two levels of security hygiene. The first focuses on access controls. This ensures that anyone attempting to access that data is verified. Authorization is a vital part of data security, and even severe data breaches can be curtailed through the use of stringent access controls. Identity and Access Management (IAM) techniques such as multi-factor authentication and biometrics can sit at the base of this defense, doing authentication’s heavy lifting of verifying the person behind the screen. Alongside this, authorization measures then need to verify that the user has the correct privileges to see this data.
The second level is data protection. These are measures that surround the data itself, instead of the user. These measures help guarantee that, even if a user were to successfully infiltrate a corporate network, any attempt to retrieve usable data is foiled. Encryption is one key component of data protection measures. This ensures that, if an unauthorized party can access the data, all personal information is hidden under a layer of encryption and is unreadable without the key. This protection mechanism can only stretch so far: if an attacker manages to hijack a suitable account, they’d still be able to view and steal critical data. Quality third-party data security solutions can aid in the real-time identification and prevention of even insider attacks. For instance, data loss prevention mechanisms are vital in preventing users from transferring sensitive data outside an organization. They also aid in identifying compromised accounts, as they alert the DevSecOps teams to any suspicious or unusual account behavior.
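The two levels described above can be sketched as one decision path. This is an added example, not code from any product the article mentions: the roles, datasets, baseline figures and the 5x threshold are all constructed assumptions. It shows a hijacked but legitimately authorized account passing both access-control checks and being caught only by the DLP-style behaviour check.

```python
from collections import defaultdict
from dataclasses import dataclass

# Constructed policy: which roles may read which data classification.
ROLE_GRANTS = {"claims_agent": {"customer_pii"}, "marketing": {"aggregate_stats"}}
# Assumed threshold: alert when an account reads more than 5x its usual daily volume.
BASELINE_MULTIPLIER = 5

@dataclass
class Request:
    day: int
    user: str
    role: str
    mfa_verified: bool
    dataset: str
    records: int

def decide(req, baseline, read_today):
    """Return 'deny_authn', 'deny_authz', 'alert' or 'allow' for one request."""
    if not req.mfa_verified:                                   # level 1: authentication
        return "deny_authn"
    if req.dataset not in ROLE_GRANTS.get(req.role, set()):    # level 1: authorization
        return "deny_authz"
    # Level 2: track records read per account per day against its baseline.
    read_today[(req.user, req.day)] += req.records
    limit = BASELINE_MULTIPLIER * baseline.get(req.user, 0)    # unknown account: limit 0
    return "alert" if read_today[(req.user, req.day)] > limit else "allow"

def evaluate(requests, baseline):
    """Run every request through both levels, keeping per-day read counters."""
    read_today = defaultdict(int)
    return [decide(r, baseline, read_today) for r in requests]

# Constructed sample data: typical daily reads per account, then four requests.
BASELINE = {"alice": 40, "bob": 10}
SAMPLE = [
    Request(1, "alice", "claims_agent", True, "customer_pii", 35),     # normal work
    Request(1, "mallory", "claims_agent", False, "customer_pii", 1),   # fails MFA
    Request(1, "bob", "marketing", True, "customer_pii", 5),           # wrong privileges
    Request(2, "alice", "claims_agent", True, "customer_pii", 9000),   # hijacked account
]

if __name__ == "__main__":
    for req, verdict in zip(SAMPLE, evaluate(SAMPLE, BASELINE)):
        print(req.user, req.dataset, req.records, "->", verdict)
```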
Data security is a modern issue that demands a multifaceted response. From the database to the employee, stringent security measures need to target every level of access. Employee training, in-house security controls, and third-party solutions are all equally vital components of strong, breach-free data handling.