The massive growth of data capacity in the cloud and big data era poses new challenges for data storage and protection, shifting from traditional familiar IT architecture to cloud architecture, virtualization, and hyper-convergence as representative technology upgrade iterations, accelerating the technical means of data protection. Cyber-attacks have become more common in recent years. According to the SonicWALL 2022 Cyber Threat Report, ransomware attacks have surged by 232% since 2019. Here are a few examples of severe data breaches caused by ransomware.
Accenture
Accenture left at least four AWS S3 storage buckets insecure in 2017, according to UpGuard, the world's first cyber resiliency startup, which discovered this in its cyber risk analysis. Unrestricted authentication details, private API data, digital certificates, decryption keys, user data, and meta information were all exposed in the hack. According to UpGuard's security investigation, the public had access to 137GB of data. As a result, cybercriminals exploited this information to defame people and extort money. Some of the stolen data were also made public on the dark web.
Accenture was hit by the LockBit ransomware once more in August 2021. This time, the company was aware of the infiltration during an audit in the fourth quarter of 2021.
As a result of the 2021 data breach, Accenture suspected a series of attacks on client networks, including misconceptions of vital systems, unintended leaks, and subsequent malware infections. The perpetrators, the LockBit ransomware, claim to have stolen 6 gigabytes of data from the attack and are holding it for a $50 million ransom.
Verizon
Due to an AWS S3 configuration issue, Verizon's third-party queue NiceSystems inadvertently disclosed user PPI in 2017. Because of Nice's blunder, the attacker was able to obtain more consumer call data. Verizon recorded 29,207 security incidents in 2020, with 5,200 of them confirmed as intrusions. DDoS attacks targeted the telecom behemoth; social engineering and client-side web application infections drove each attack, exposing server-side systems.
Kaseya
Kaseya, based in Miami, made a statement on July 2, 2021, stating that their Kaseya VSA software is vulnerable and has been compromised by the REvil hacker ransom organization and that it has shut down its SaaS servers and advised all clients to take down their VSA servers. Kaseya provides remote management software services for Managed Service Providers (MSPs), and this incident is widespread due to the global reach of MSP providers' customers, with Coop, one of Sweden's largest supermarket chains, being forced to shut down services at more than 800 stores nationwide as a result of the supply chain ransom attack.
In February 2019, the Gandcrab ransomware organization exploited a vulnerability in the Kaseya plugin for ConnectWise Manage software to spread malware on MSP's customer network, marking the third time Kaseya products have been utilized in a ransomware deployment event. The REvil ransomware organization used an open RDP service to launch an attack against MSPs using the Webroot SecureAnywhere and Kaseya VSA solutions to distribute malware to their customers' networks in June 2019.
Cognyte
Cognyte, a cybersecurity analytics company, committed a mistake in May 2021 that rendered their database unprotected without authentication protocols. This blunder allowed cybercriminals to access 5 billion user records. Customers were notified of the third-party data breach by the comparative data provided by Cognyte's database. User credentials such as names, email addresses, passwords, and susceptible data points in the system were among the information disclosed.
Raychat
Raychat, an Iranian chat program, has managed to withstand a huge cyberattack. Nearly 267 million usernames, emails, passwords, information, and encrypted chat logs were exposed as a result of a database configuration breach. All of the company's data was destroyed by a targeted bot attack. According to Gizmodo, data was made public due to a MongoDB misconfiguration, allowing cyber attackers to manage the chat application's private data at any time. It demonstrates that bots may easily target NoSQL databases.
Enterprises have long been concerned about
Documents, contacts, contracts, letters, and account numbers are essential for the great majority of enterprises. While contemporary technology aids businesses in managing critical data, it may also allow data to vanish in the blink of an eye. For most businesses, losing data means pausing operations, which will undoubtedly result in a loss of revenue, reputational damage, and the cost of recovery.
Statistics show that the average financial loss suffered by small businesses in data loss cases amounts to $120,000, and $1.23 million for large enterprises. We therefore recommend:
n Choose an affordable and reliable backup solution that meets your company's demands, and budget for data protection.
n Back up at the very least the most crucial data, and better yet, all of it.
n Backing up data on a frequent basis and automating it as much as possible; otherwise, it's easy to become engrossed in day-to-day duties and forget to back it up.
n Back up your data in two copies, one on physical media and retained on-site, and the other in cloud storage.