BreachExchange mailing list archives
Understanding the Ripple Effect: Large Enterprise Data Breaches Threaten Everyone
From: Destry Winant <destry () riskbasedsecurity com>
Date: Mon, 11 Nov 2019 08:53:47 -0600
https://threatpost.com/ripple-effect-large-enterprise-data-breaches/150041/ Fallout from giants at the top is one of the largest drivers of cyber-impacts on everyday people and companies. Big businesses are constantly under attack, and that affects everyone from customers and business partners to parties with national security interests. When successful, the initial compromise is only a means to an end — the real goal is to mount follow-on attacks like spearphishing, extortion attempts and account takeover (ATO). And much to the chagrin of security experts, those attacks on household-name companies are growing. Last year saw more than 6,500 data breaches, exposing a staggering 5 billion compromised records, according to Risk Based Security. “Breaches against large enterprises are becoming more frequent. There are several reasons for this – notably, breaches are no longer standalone incidents, they are part of larger organized cybercrime networks,” said Arun Kothanath, chief security strategist at Clango, in an interview. The second reason, Kothanath said, was that the price of data is skyrocketing: Beyond data tied to financial institutions being an attractive target, so is data tied to healthcare, education, infrastructure, elections and national security. Even though we live in a “breach-of-the-week” era, where data-thieving and inadvertent information exposures have become an expected part of the landscape, large enterprises can’t afford to see data stewardship as anything other than a critical risk, experts warn. Scale and Complexity Alex Guirakhoo, strategy and research analyst at Digital Shadows, told Threatpost that contrary to conventional wisdom, large enterprises can represent some of the lowest-hanging fruit for criminals to snatch off the data tree, simply by virtue of their scale. “Fortune 500 companies have a much larger attack surface,” he said. “It’s more difficult to promote an effective security culture across a base of tens of thousands of employees than for a company with only a handful. This opens up greater potential for issues stemming from human error, like vulnerabilities going unpatched, or a server containing sensitive customer information being inadvertently accessible to the public without authentication.” Add in the fact that people tend to reuse passwords for different services and often mix personal and corporate use of email and mobile devices, the attack surface becomes even wider. Guirakhoo said someone using company email on an insecure personal device represents an easy path to the corporate jewels. Third Party ‘Stranger Danger’ Larger companies also have more partners and suppliers, opening up the potential for third-party compromise and supply-chain risk. This has been seen in several large breaches, including, famously, the Target breach (a hack of its HVAC provider started the attack) and last year’s attack on software service provider [24]7.ai, a company that provides online chat services. Hackers targeting [24]7.ai were able to use the platform to ultimately compromise Delta, Sears and other [24]7.ai customers. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Understanding the Ripple Effect: Large Enterprise Data Breaches Threaten Everyone Destry Winant (Nov 11)