Information Technology Professionals - IT Pros USA


The Breach Report – Dec 2018

ITP Talks Data Breaches from the Past Month

Data security – both personal and commercial – is a major topic of concern for people around the world. In today’s digital landscape, cybersecurity is playing catch-up on the ever-evolving attacks. Cybercriminals are expanding their arsenal, and the overall industry has led to an immense loss of data records and personal information on a global level.

That said, not every data breach is created equal, and with this new series, we aim to keep you informed of what’s happening in the world, from the big breaches to the little ones. This monthly series will take a detailed look into the worst of the month’s digital breaches, on both a macro and a micro scale.

We’ll also look to provide you with tips and suggestions for safety, as they arise throughout the series to help improve your overall security posture. And with that, let’s dive into the first ever, “The Breach Report.” The series will feature two parts, first a security topic of the week, and second, a look at some of the major breaches around the globe.

Security Topics of the Month

Infrastructure Organizations Beware

According to the 2018 Verizon Data Breach Investigations Report, 29.2% of reported breaches happen in industries considered infrastructure. These industries include utilities, transportation, healthcare, and others that use operational technology systems.

What can organizations that are considered infrastructure do to mitigate these risks? By teaming up to address key technical and organizational issues, information and operational security teams can improve the resiliency and safety of their infrastructure systems. With that said, let’s take a look at the risks involved, and what you can do about them. 

Your IT Security Risks

The first risk is the environment where the organization exists. If there is no inventory of the systems, a lack of security and a lack of understanding of what data is being used, the organization is at a major risk. In order to best combat this risk, one should start by gaining an understanding of overall security posture. If an organization is operating in multiple environments, pick a representative environment and apply what was learned to the other environments.

The second risk is patch management. This is self-explanatory, and its solution is as well. Patch your systems! Running outdated OT systems greatly increases the chance of a breach. Network Segmentation is the third risk, with many OT systems having connections between systems that should not be connected. In order to combat this, develop a plan for network segmentation, that way if one network is breached it is contained rather than spreading.

The fourth risk is the supply chain. It is very hard to control how organizations handle their data, which is why it is important to include security requirements when bringing on new systems, as well as continuing maintenance efforts within their vendor management programs. The fifth risk is a lack of a united front within the organization regarding security. To avoid this, one should foster cooperation and respect between the groups who address cyber threats. Training, communication, and cooperation are key here.

With the world becoming increasingly digital, state actors are waging war behind the scenes more and more. A good example of this is Russia crippling Ukrainian infrastructure by launching a cyber-attack on power plants. All organizations are at risk for a cyber-attack, but those that are considered infrastructure should consider that the person trying to hack you isn’t necessarily some kid in his mom’s basement or even a pro hacker. It could be an intelligence agency with hundreds of well-trained specialists trying to see how your systems tick and how to break them.

Do It for The Culture

According to a report (and awesome infographic) by ISACA, 95% of organizations find there is a gap between their desired culture surrounding cybersecurity and what their culture actually looks like. This is concerning, especially because 87% of those surveyed said that their organization would be more profitable if their cybersecurity culture improved.

What is causing this gap? A variety of factors come into play, including a lack of understanding on the part of leadership, lack of funding, and a lack of employees respecting the cybersecurity procedures.

With the holidays approaching and employees shopping across the web, now is the perfect time to reinforce cybersecurity culture at your organization. A breach on a popular retail site could lead to a breach within your organization if employees use the same passwords at work and home.

The Evolution of a Phish

A new report has shed light on the fact that not only are email-based attacks on the rise, but they are spreading at an alarming rate. Cybercriminals have been shuffling their decks of targets, as 99% of the most heavily targeted email addresses this quarter are different than those targeted in Q3.

The phishing emails now are more likely to show up in the inbox of your marketing, public relations, and human resources departments. The reasoning behind this shift is that these teams have access to information about earnings and employee records. It is important to stay agile in cybersecurity, as cybercriminals are always adapting to find new ways to compromise credentials and hack into organizations.

The Month in Breach

As always, hackers found many opportunities to exploit businesses, and as usual, we’re finding out about many of these months after the initial breaches occur. This is your friendly reminder that no one is completely safe from digital criminals.

Amazon Atop the Attack List

The retail giant responsible for hundreds of thousands of orders during the holidays, and during that key timeframe, there was a major internal technical error. The severity of this breach is not the most damaging part, contrary to most breaches. In fact, the most damaging part of this breach has been Amazon’s poor transparency which causes speculation and paints the organization in a very negative light. The behavior of the company indicates that if a seriously damaging breach were ever to occur, they would not be transparent to their customers.


Marriott in Muddy Water

The global hotel chain (responsible for 1 in 15 hotel rooms worldwide), has been at the top of the breach news for the past few weeks. The list of incidents associated with Marriott is long and growing, with one of the worst aspects being a Starwood network breach that has been providing unauthorized access since 2014. Those affected are at an increased phishing risk, and Identity theft is also a very real possibility due to the confidential nature of the information that was accessed. Definitely not the look Marriott was looking for as we hit the holiday season.

Crooks for Cannabis in Canada

The decision to make recreational cannabis legal in Ontario, Canada, has been fraught with problems and now has been tarnished by a data breach at Canada Post. Last week, the Ontario Cannabis Store (OCS) revealed the security incident on Twitter, saying that an unnamed individual was able to access the order records of 4,500 customers, or roughly two percent of the firm’s customer base.

Make a Wish Foundation Used in Crypto Scheme

Users who have visited the Make-A-Wish foundation international site have been hacked to assist in a cryptocurrency scam. While the personal data of customers was not accessed or breached, the site itself has been stealing CPU power from those visiting the site in order to mine cryptocurrency.

Big Bank Breach

One of the largest banking and financial services organizations in the world, HSBC, was breached last week. The data compromised in this breach can be very harmful to an individual if in the wrong hands. Customers know this. Customers will second-guess their choice of a bank if their information is compromised and those thinking about setting up an account could very well look elsewhere.

Financial Fail

A financial breach of epic proportion has occurred in Pakistan, with hackers making off with data from almost 8,000 bank account holders from 10 different banks. The government’s cybercrime division is on the case, and hopefully making progress… although it is too early to tell. The data is being sold on the Dark Web at $100 to $160 a record. With 11,000 records found so far, that is a pretty penny.

Read More about IT Security:

For those of you who want to read more about cybersecurity, check out our other recent blogs:

You can also visit the Security page on our site.


Get Started