Despite our best efforts, cybersecurity continues to lag behind the creativity of cyber criminals. As we become more interconnected, the potential for a devastating data breach only grows. In , they write "for 83% of companies, it’s not if a data breach will happen, but when." That fatalist attitude may be depressing, but it also should inspire realistic attitudes toward security. IBM's 2022 data breach report A proactive (rather than reactive) stance is essential to protecting your company's data. By limiting exposure, identifying potential vulnerabilities, and shoring up your defenses, you can make it much harder for hackers to succeed. Data breaches in 2022 As Winston Churchill famously said (or repeated after George Santayana, to be precise) "Those who fail to learn from history are doomed to repeat it." In cyber security, the same principle applies. By examining past data breaches, we can learn from the mistakes of others and make sure not to repeat them. In 2022, there have been several major data breaches that remind us of the importance of proper security precautions. Compromised employee accounts Stolen credentials are now the most common reason for data breaches and the average attack , especially because they are so difficult to spot. Discovering that a password has been compromised can be like finding a needle in a haystack. can cost as much as $4.5 million Some major brands experienced this kind of breach this year. Uber In September, Uber suffered a much more serious breach. Through a simple social engineering attack, a hacker gained access to an employee’s Slack account and then several other internal systems. The bad actor (who said he was just 18 years old) claiming he was a corporate IT representative and simply asked for the password. Again, this wasn’t the first time that Uber was compromised. In 2016, they were hit with a ransom notice after millions of driver and rider account information was stolen. admitted that he sent a text message These social engineering attacks could have been prevented if Uber had two-factor authentication enabled for all employee accounts. Multi-factor authentication (MFA) adds an extra layer of security by requiring a second form of identification, such as a fingerprint, in addition to a password. A password manager would also have helped, by generating and storing strong passwords for all employee accounts. LastPass A password manager is the last company you want to announce something like this. In August, that a developer account had been compromised, leading to a breach. LastPass explained While customer data was not taken as the breach was limited to a development environment, the company did admit that source code and technical information were taken. The threat was present for four days, and it led to LastPass investing further in threat modeling and vulnerability management. This wasn’t the first time that they experienced a breach. In 2015, , password reminders, and authentication hashes. an attack compromised user email addresses Session hijacking Another common type of attack is session hijacking, in which a hacker takes over an active user session. This can happen if a user accidentally clicks on a malicious link or visits an infected website. Once the attacker has control of the session, they can do anything the legitimate user can do within that session, including accessing sensitive data. Kiwi farms The notorious forum was breached earlier this year with a session hijack. It wasn’t just a random user that was compromised though – the attack . That led to a leak of basically all user data, including passwords, emails, and IP addresses. successfully gained control of creator Joshua Moore’s administrator account To protect yourself from session hijacking, you can bind access to certain IP addresses (such as the address of a personal VPN server). However, this will only solve the problem partially. You should also be careful about the links you click on and the websites you visit. You can ensure that you are protected from visiting malicious websites by using a DNS Firewall. Two-factor bypass While multi-factor authentication is one of the best ways to protect your accounts, it’s not perfect. There have been several high-profile cases of two-factor authentication being bypassed in the past year. Crypto.com What happens if a crypto exchange is compromised? Millions and millions of dollars are taken. That’s what happened . Despite having mandatory two-factor authentication (2FA) for all users, it was not triggered when transactions were sent to the exchange. in early 2022 when Crypto.com was hacked More than $34 million was stolen through unauthorized transactions of Bitcoin and Ethereum. This kind of attack could have been prevented if Crypto.com had used a hardware token, which is a physical device that generates a one-time code, instead of relying on SMS messages. After the event, the company committed to moving away from simple 2FA and toward "true multi-factor authentication." Microsoft Earlier this summer, cybersecurity researcher Mandiant from the Russian hacker group APT29. By first stealing (or brute forcing) credentials for dormant Microsoft accounts that were never properly set up, they can then create 2FA pushes that are sent to the hackers’ own devices. posted a blog detailing a tactic From there, it’s a simple process of resetting passwords and taking over email accounts. On the user side, it is important to create complex, long, unique passwords that password managers are able to generate and securely store. Then attackers will not be able to brute force passwords. Scaling oversights Some of the worst breaches we have ever seen are because of companies scaling too quickly. By loosening security controls or failing to properly vet third-party vendors to keep revenues high, they put themselves—and their customers—at risk. Axie Infinity Play-to-earn games seemed too good to be true, and for Axie Infinity – it was. Earlier this year, they were the target of one of the biggest crypto hacks in history after their system was compromised. from Ronin, the bridge that was used to process Axie transactions. More than $620 million was lost While the major fault was one engineer's ambition – a – the last door was left open because of rapid scaling. phishing scheme disguised as a lucrative job offer granted access A third-party company had been given access to help with a huge amount of transactions during the game's most popular period and that access had not been removed when it was no longer needed. To prevent this in the future, companies need to carefully vet all third-party vendors before giving them access to any sensitive data. They should also have a process in place for regularly reviewing and removing access when it is no longer needed. How to prevent (or at least limit) data breaches A comprehensive security program is the best way to protect your data, but it takes time and resources to implement. If you can’t do it all at once, start with these basics: - Restrict access to sensitive data to only those who need it - Enable two-factor authentication for all employee accounts - Use a password manager to generate and store strong passwords - Regularly review and remove access of third-party applications - Test your defenses with regular penetration tests Additionally, a well-trained incident response team is essential for quickly and effectively dealing with a data breach. Don't be one of the 83% of companies who are just waiting for a data breach to happen. Be proactive about your security and you'll be in a much better position to weather the storm.

Ethereum

Axie Infinity

Keep

KiWi

Mandiant

Microsoft

Slack

Target

Uber

Security Trends in 2023 That Need Your Attention

Ukraine-based CEO Vasiliy Ivanov on Solving Problems, Productivity, And Taking Charge

Data Breaches of 2022 and How They Could Have Been Prevented

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

5 Reasons Why Your Startup or SMB needs a VPN

108 Stories To Learn About Cybersecurity Tips

10 Cybersecurity Books Every Business Owner Should Read

10 Best Practices for Securing Your API

122 Stories To Learn About Cybercrime

5 Reasons Why Your Startup or SMB needs a VPN

108 Stories To Learn About Cybersecurity Tips

10 Cybersecurity Books Every Business Owner Should Read

10 Best Practices for Securing Your API

122 Stories To Learn About Cybercrime

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps