What You Can Learn From the Recent Data Breaches
Large-scale data breaches are far more common than they should be. In the last 20 years, we’ve seen data breaches of companies like Adobe, eBay, Equifax, LinkedIn, and more, affecting the personal information of hundreds of millions of users.
In December of 2020, Microsoft suffered a security breach by suspected Russian hackers that may have exposed the company’s source code. This recent breach was part of what’s being called the SolarWinds hack, a massive attack on dozens of government agencies and major tech companies.
While your company’s data may not be as high-stakes as Microsoft or the federal government, cybersecurity is still vital to the safe operation of your organization and the trust of your customers. So what lessons can be learned from the high-profile data breaches?
Every System is Vulnerable
Every computer system in the world can be compromised. It’s a stark reality that every IT department has to come to terms with — if a computer system connects to the internet, it can be accessed by malicious actors. Since running an entirely analog company isn’t a viable option, you’ll have to operate under the assumption that your information can’t be perfectly safe.
Every Piece Matters
A modern company runs on dozens, if not hundreds, of pieces of software. All these tools talk to and have access to one another, which means that if one piece of software is compromised, the rest are compromised as well. We saw this play out with the SolarWinds hack — SolarWinds is a company that produces a network monitoring software, which the attackers then used to introduce malicious code into their targets’ computers.
To combat this, you need to be aware of every piece of software in your company’s entire ecosystem. Your CRM, email, document sharing, project management, time tracking, inventory, and billing software will all have their own security protocols, and any one of them could bring down the rest.
These attacks are called supply-chain attacks. Rather than going after your company’s data directly, hackers will attempt to work around your security measures by hacking one of the third-party tools you use. The hackers in the SolarWinds breach didn’t need to break through the security measures of the DHS when they could simply bypass them.
Detection Isn’t Easy
One of the most surprising aspects of the SolarWinds story is how long it took before anyone noticed that the software had been compromised. None of the federal government’s alert systems were triggered by the illicit logins, and no human intelligence tipped off the targeted agencies to a potential attack.
Instead, a cybersecurity company called FireEye noticed what it called a “global intrusion campaign” based on the erratic behavior of some logins. Essentially, the “users” logging into corporate SolarWinds accounts suddenly changed the location, time of day, and overall pattern of system access — your credit card company employs similar behavioral analytics when it flags an especially large purchase or a transaction made hundreds of miles from your house. Without the behavioral analytics software of FireEye, we have no way of knowing how long the hack would have gone unnoticed.
This problem isn’t unique to SolarWinds. While some hackers want to delete your data or hold it ransom, others want to steal it completely unnoticed. If you don’t have measures in place to detect unusual or unauthorized activity on your servers or network, it’s very difficult to detect that an intrusion has taken place.
Implement Cybersecurity Measures
Cybersecurity best practices are a complicated topic and will vary significantly from company to company, depending on the type of data you work with and the way your company is structured. That said, there are some broad-strokes measures you can take.
Be aware of the supply chain: you can’t sequester your business entirely from third-party software, but you can make an effort to vet their security measures before you sign up. It’s also a good idea to set up a “kill switch” — a series of backups that allows you to quickly cut ties with a vendor if they’re compromised.
Eliminate human error: most hacks and data breaches aren’t the result of sophisticated software, they’re the result of sloppy security. Implement automatic logouts, regular password changes, and a mandatory password manager so that your employees’ access to important tools and data can be granted and revoked as needed.
Back up everything: some hacks intend to steal data unnoticed, but many seek to extort you instead. Ransomware attacks encrypt your data and demand money in exchange for decrypting it — if you have a backup, these attacks lose their leverage.
Partner with Professionals
The most important lesson from high profile data breaches is that your business’ relationship with technology is fraught. You have to keep track of not only your own code, but any third-party plugins, products, and libraries that your business relies on.
If you’re concerned about the integrity and efficiency of your company’s technology, establish a relationship with a professional organization you can trust. Madison Taylor Technology can build bespoke technology solutions for any business, including the implementation and training to ensure that your team is working at its best. Initial consultations are always provided with no-strings-attached. Let’s start a conversation.
Begin a Conversation
Have a question? Want to connect about a problem? Interested in getting started? Whatever it is, we’re here when you need us.