The Cost of a Data Breach and How to Avoid Paying it

Over the past 12 months there have been several high-profile data breaches which have hit the headlines. Recently, almost 157,000 TalkTalk customers had their personal details hacked. A small percentage of the stolen data, including names and addresses, were put up for sale shortly after the attack.

Although the attack on TalkTalk will have come as a shock to its 4 million customers, attacks of this nature are becoming increasingly common. But what is the impact of data breaches? Sony Pictures, which was the victim of a cyber attack in 2014, predicted that the breach would cost $35M (£23M) for the full fiscal year. Repairing the damage caused can run up a hefty bill. Restoring financial and IT systems results in man hours and software/hardware/vendor expenses.

What is the true cost of a data breach?

A study by The Ponemon Institute has attempted to quantify the cost of a breach. The report found the following key figures:

• For the eighth consecutive year, the average cost per lost or stolen record has risen. In the latest findings, the figure rose from £95 in 2014 to £104 per record in 2015
• The total average organisational cost of a data breach increased to £2.37 million, up from £2.21 million in 2014
• Detection and escalation costs increased from £520,000 to £550,000. These numbers indicate increased investment in forensic and investigative activities, assessment and audit services, crisis team management, and communications to stakeholders and management.
• Lost business costs, including the turnover of customers, increased customer acquisition activities and reputation losses, increased from £950,000 in 2014 to £1.07 million in 2015.

It is clear from these figures that data breaches are costly in financial terms. For businesses though, there is also the issue of losing customer trust. To avoid becoming the next organisation at the centre of a data breach story, organisations need to take security seriously.

Education, education, education

In addition to having the right security solutions in place, employers must educate their staff. For hackers wanting to get hold of data, it is a lot easier to target employees than take on the firewall. Employers need to be educating their staff to be aware of hacking techniques such as phishing and social engineering attacks. Phishing is very much like the name it derives from. The hacker will send out an email, which may look legitimate, to a whole host of inboxes. It will only take one employee to click on the malicious link and the hackers could have access to the network.

There are plenty of precautions businesses and staff can do to protect against attacks.

The advice to employees needs to be to remain vigilant. They must question any unexpected email, with an attachment that arrives in their inbox. If it looks too good to be true, it probably is.

Trust no one, suspect everyone

If organisations want to get tough on protecting their network, they need to realise everyone and everything can be a threat. Every piece of software and hardware used could be a potential route in for hackers. This highlights the need for organisations to work in a zero trust environment. Zero trust environments are implemented by firewalls and take away the automatic assumption that an action or actions should be trusted. Every action needs to be treated with the same degree of suspicion regardless of where the action is coming from. Ensure that any compromised employee-owned device does not remain undetected and able to crawl its way into the crucial parts of the networks and data. If an issue is noticed, it needs to be scrutinized and investigated until resolved.

Simple steps to protection

Data breaches are in the public eye more than ever following attacks on large organisations and governments. However, this doesn’t mean that these are the only targets which hackers are going after.

Businesses of all sizes should follow these simple steps to maintaining a secure network:

• Train employees to remain vigilant and educate them about emerging threats – the best line of defence is to have the correct security solutions and procedures in place. Additionally, staff have a part to play by questioning anything suspicious in their inbox or on the web.
• Work in a zero trust environment – if everything is put under the microscope then it makes it a lot harder for the hackers to make their way in and hide.

Create a dedicated budget to address cyber security – to avoid paying out fees following a breach, be proactive and ensure you have the correct hardware and software in place rather than as a reaction to a hack or data loss incident.

How to protect your devices from Keyloggers

Getting to the ‘root’, what is a keylogger? Well it’s a program or device which records all keystrokes, which could be used overtly for surveillance or covertly for spying.  Either way someone is watching!

In today’s society with the advent of technology in all its guises, the ‘keylogger’ is a direct intrusion to all concerned when we use our computers, smartphones or any smart device connected to the Internet.

It’s the scourge of working over the Internet, concealed deviously,  yet sophisticated in its execution. Working unseeingly in the background it compiles all your keystrokes and despatches this data to a server unknown to you for the next stage of its mission. And to protect computer from keyloggers, you need to do some solid countermeasures.

Now don’t be misled; as I gestured above, the keylogger doesn’t just focus on computers, it’s interested in any device, where ‘you’ the user interacts with a key board (now think lateral here).  So your phone (for example) is also susceptible, there no delineation here, all is fair game! There might be an Android keylogger monitoring keystrokes of your cellphone in the wild, and same goes for iOS and others.

Facebook Cyber Crime: Don’t be a victim

As of September 2015, there were 1.55 billion monthly active Facebook users worldwide. Even though Facebook has changed they way the world communicates, there is a dark side to the popular social media service. Criminals use Facebook for crime. Still, there are simple ways to protect from becoming a victim. First, knowing what to look for will save you a bunch of heartache. Second, making a few minor changes will make it harder for the criminals to get you.

The Most Common Facebook Cyber Crimes

• Identity Theft

Criminals usually mine Facebook profiles for information that can be used to hack email accounts, which can give them access to a plethora of sensitive accounts. From there, they steal your identity and drain your bank accounts. 

• CyberStalking

Stalking is defined as repeated harassing or threatening behavior. This happens quite often on Facebook and can lead to dangerous situations for both involved. For a chilling case study, read about how Jason Smith used social media to terrorize Alexandra Scarlett.

• Scams

There are numerous scams that cycle through Facebook and each one has a twist. They are usually rather easy to identify because they are often too good to be true. Take for instance the recent flurry of people who reposted the message that Mark Zuckerberg, Facebook’s billionaire CEO, was giving money to a lucky few Facebook users. All they had to do to get a chance at “winning” the cash was to repost a fake message from Zuckerberg. You saw it, and so did criminals. In fact, security professionals believe the “Zuckerberg giveaway,” and postings like it, are used by criminals to locate potential victims.

How to protect yourself from Facebook Cyber Crimes

• Don’t Over Share

The more info you divulge, the more information criminals have to use for cybercrime. Pull back the reigns a little on posting everything about your life – especially locations, information about your children and personal data.

• Tweak Your Name

Ignore Facebook’s policy about providing your real name and alter it just a bit in order to make it harder for criminals to identify who you really are. To accomplish this, add a fake middle name or misspell your real name.

• Lock Down Your Account

Facebook has privacy settings that can help keep cyber criminals at bay, use the settings.

Head of US intelligence James Clapper hacked by the same hacker who broke into CIA director Brennan’s personal email account.

According to Motherboard, a hacker associated with the “Crackas With Attitude” group has accessed accounts belonging to the director of National Intelligence, James Clapper.

Yes, you are right, Crackas With Attitude is the same teenager who took over the CIA director John Brennan’s personal email account in October 2015.

The teen hackers reportedly controlled of Clapper’s personal email, his wife’s Yahoo email account, home telephone and Internet. The situation is very serious, the young hacker has done much more forwarding all calls to the director’s home phone to Paul Larudee, the co-founder of the Free Palestine Movement.

“One of the group’s hackers, who’s known as “Cracka,” contacted me on Monday, claiming to have broken into a series of accounts connected to Clapper, including his home telephone and internet, his personal email, and his wife’s Yahoo email. While in control of Clapper’s Verizon FiOS account, Cracka claimed to have changed the settings so that every call to his house number would get forwarded to the Free Palestine Movement. When they gained notoriety last year, Cracka and CWA claimed their actions were all in support of the Palestine cause.” wrote Lorenzo Bicchierai on Motherboard.

Cracka provided purported screenshots of Clapper’s email as a proof of the hack.

“I’m pretty sure they don’t even know they’ve been hacked,” Cracka told me in an online chat.

It is not a joke, Brian Hale, a spokesperson for the Office of the Director of National Intelligence, confirmed the disconcerting hack to Motherboard.

It seems that the hackers relied exclusively on social engineering techniques and information gathered from open source.

The hacker shared with Lorenzo Bicchierai a list of call logs to Clapper’s home number. The senior staff writer verified the authenticity at least of one number in the list belonging to Vonna Heaton.

“In the log, there was a number listed as belonging to Vonna Heaton, an executive at Ball Aerospace and a former senior executive at the National Geospatial-Intelligence Agency. When I called that number, the woman who picked up identified as Vonna Heaton. When I told her who I was, she declined to answer any questions.

“A journalist? Oh my gosh” she said, laughing uncomfortably. “I have somebody on the line, I’m sorry, I have no insight into that. But that’s really unfortunate, have a great day.”” wrote Bicchierai.

Do you remember Clapper? Do you remember the case “American Civil Liberties Union v. James Clapper”? 

Clapper is known for his absurd testimony to Congress in 2013 about the NSA’s phone metadata collection. When a senator asked him if “the NSA collected any type of data at all on millions or hundreds of millions of Americans.” Clapper responded “No, sir.”

The US Government issued a final rule implementing the Executive Order 13694 apply economic sanctions in response to cyber attacks.

According to a final rule published in the Federal Register on the last day of 2015 (Dec. 31, 2015),  US can now apply economic sanctions in response to cyber attacks.

The US Government assigned to the Department of the Treasury’s Office of Foreign Assets Control the authorities to apply economic sanctions against foreign governments and individuals that launch a cyber attack against the infrastructure of the US Government.

The rule titled “Cyber-Related Sanctions Regulations” implements the directives introduced in the Executive Order 13694 signed by the US President in 2015.

“The Department of the Treasury’s Office of Foreign Assets Control (OFAC) is issuing regulations to implement Executive Order 13694 of April 1, 2015 (“Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities”). OFAC intends to supplement this part 578 with a more comprehensive set of regulations, which may include additional interpretive and definitional guidance and additional general licenses and statements of licensing policy.” states the rule.

The President Barack Obama signed in April an executive order that uses economic restrictions to “control” anyone that is trying to attack any American interests.

But what this exactly means? Every time the US authorities identify an entity (a person or a group) that is threatening the US infrastructure and which is responsible for a security breach, then they can freeze all its assets, including bank accounts if these assets are located in the US soil.

“Starting today, we’re giving notice to those who pose significant threats to our security or economy by damaging our critical infrastructure, disrupting or hijacking our computer networks, or stealing the trade secrets of American companies or the personal information of American citizens for profit,” said the president Obama. “From now on, we have the power to freeze their assets, make it harder for them to do business with U.S. companies, and limit their ability to profit from their misdeeds.”

The Executive Order 13694 explicitly refers the following case regarding possible activities that represent a threat for the Homeland Security:

• harming, or otherwise significantly compromising the provision of services by, a computer or network of computers that support one or more entities in a critical infrastructure sector;
• significantly compromising the provision of services by one or more entities in a critical infrastructure sector;
• causing a significant disruption to the availability of a computer or network of computers; or
• causing a significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain; 

The Executive Order 13694 is efficient only if the alleged attackers have assets inside America, or do business with American companies.

The idea behind the executive order is aligned with previous orders signed Obama to punish hacking activities against US systems. President Obama already anticipated the use of economic sanctions as a deterrent against cyber attacks in the Sony Pictures case. in January 2015, Obama announced economic sanctions against North Korea in the wake of the hacks against Sony Pictures.

The regulation posted to the Federal Register will be integrated with a further set of regulations that will likely cover “additional interpretive and definitional guidance, including regarding ‘cyber-enabled’ activities, and additional general licenses and statements of licensing policy,” said the notice.

It it important to highlight that there isn’t a public comment period, which is usually required before the issuance of a final rule, a circumstance that demonstrates the approach and intention of the US Government.

The members of the US Government were urging an action against the increasing cyber threats that hit the national systems.

Cybersecurity is a growing concern across the world, here are some of the Online Security Threats to Watch for in 2016.

Security Affairs has shown me the way to a more secure online life Not only do they post great tips regarding how to take care of your computer, they provide one with information as to what is going on in the world. You can see trends forming just by reading their headlines. After this article you should take a look at this piece about a potential Christmas attack on gaming.

Cybersecurity is one the world’s largest growing concerns, given that there are billions of dollars and the personal safety of half the world’s people on the line. Massive cyberattacks on large corporations or bodies of people constituted a large chunk of the news cycle, and as the year draws to a close, we can only expect that this trend will continue or even grow.

Yet some threats are more immediately concerning than others, and trends indicate that certain types of problems are going to grow in either frequency or potential damage. You need to know what these are and how you can protect yourself as best you can. It usually isn’t too difficult, and preparation pays many times back its time investment.

Here are some of the most immediately concerning threats of 2016:

Corporate Data Leaks

Ashley Madison and the aftermath of the Sony attacks got all of the press in 2015, but they likely didn’t affect you too much. What might have affected you, however, was an attack on Anthem (the second largest U.S. health insurance company) that was the crowning point in a trend of healthcare data breaches. Vtech’s slipup released the information of hundreds of thousands of children and millions of others. Experian lost the data of 15 million T-Mobile customers. The list goes on. Hackers are not going to let up in 2016 when they are having this much success taking and selling corporate data.

You need to be cautious about what companies you share your information with. You can control your own online security habits, but once someone else has your data, you can’t usually take it back. Companies like to cut costs, and cybersecurity is usually considered a necessary evil instead of a duty and responsibility. This year let your dollar do your talking for you and start asking questions of the companies you already use.

Government Attacks

North Korea or Iran aren’t likely to attack you personally. If they possibly could, then you probably know all you need to about online security and know what is coming your way. What you need to be more concerned about are increased online surveillance and state-sponsored cyberattacks on the institutions that allow your day to go smoothly. Your data might even wind up being used as an international bargaining chip without your consent or knowledge. It is even more alarming to learn that most industrialized nations aren’t doing enough to defend their cybersecurity infrastructure.

Unfortunately, these are the events and problems you are least likely to be able to prevent through your own efforts. You cannot wage a one person cyberwar on China, as much as you might want to. The best things you as an individual can do are contact your government and lobby for a stronger defense posture when it comes to technology. You should also keep abreast of the news and take note of whether you might be under surveillance, whether from your own government or a foreign power. Err on the side of caution when acting online. That habit will help you in 2016.

Mobile Malware and Infiltration

Have you met somebody that no longer has a computer and only uses their smartphone to handle their daily online tasks? Even if you haven’t, you have to admit that the concept doesn’t sound so foreign to you now. People are using smartphones more than ever, and hackers took notice years ago. They started to develop sophisticated mobile malware and intrusion techniques to steal sensitive data off of your phone, and they are starting to perfect it. 2016 is possibly going to be the year of mobile malware.

You need to start taking your smartphone’s security more seriously if you aren’t already protecting it. Having a good case and a verification screen are not enough anymore. You ideally should have multiple verification measures and a well-reviewed security application for your type of smartphone. You need to be wary of what websites you visit with your phone much how you are cautious with your computer. Caution and vigilance will be the keys to your data’s integrity and your smartphone’s survival.

Threats will only grow stronger as time marches onward into a more technologically complex landscape, but the tools to we to defend ourselves will meet the challenge head on and prove themselves more than capable to the task. All we have to do is prepare our own devices and minds for what is coming ahead. Your enjoyment of the internet does not need to come under threat this coming year. Have confidence in yourself and your follow internet denizens.