Tech Group

Network Security: Recent Hacks And How You Can Protect Yourself

2016 was a banner year for large organizations proving vulnerable to pernicious data theft, although they were far from alone. In fact, that year saw 3.04 million data records compromised each day, a genuinely frightening statistic serving as a reminder of how our confidential information is only as safe as the security protocols guarding it.

With security hacks making constant headlines, one would think that most businesses have shored up their network defenses. However, a 2015 survey revealed that only 38% of global organizations feel they are prepared to handle a sophisticated attack, and fully 81% of those who are the victims of data breaches had no managed security services in place.

Hackers are very adept at finding and exploiting network vulnerabilities. Staying ahead of would-be data thieves is difficult; however, failing to do so can mean legal liability, costly system downtime and damage to your organization’s reputation.

Let’s take a look at three of the largest security hacks from 2016, determine what you can learn from them, and explore policies and practices that can help protect your critical data against theft.

RECENT SECURITY HACKS AND HOW YOU CAN PROTECT YOURSELF

We sometimes take for granted how well large organizations safeguard their user data. As we will see, even the biggest and most technologically savvy organizations can prove vulnerable to an attack by a determined individual or group.

YAHOO

It has been called the largest data breach in history. In November 2016, Yahoo revealed that more than one billion user accounts were compromised three years prior in August 2013. To make matters worse, this announcement came on the heels of a separate 2014 breach that affected 500 million accounts.

“For potentially affected accounts,” wrote Yahoo CISO Bob Lord, “the stolen user account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions and answers.”

So what happened?

In the case of the 2014 breach, the company believes that a “state-sponsored actor” was involved. The 2013 hack, though, was found to be the result of forged cookies – snippets of data that stay in your browser to remember your login – that allowed attackers to gain access to the accounts.

Security consultant Brian Krebs maintains that Yahoo “appeared to fall far behind its peers in blocking spam and other email-based attacks.” He further points out that features such as secret questions tend to end up weakening the overall security of these accounts.

DROPBOX

Another online behemoth, Dropbox, announced in 2016 that a 2012 hack had exposed the passwords and email addresses of over 68 million users.

These passwords were quickly found to be up for sale on the dark web for an asking price of two bitcoins. Fortunately, all the affected email addresses and passwords were encrypted; however, they remain vulnerable.

Malcolm Harkins of security firm Cylance says in a Washington Post article, “passwords are outdated, they are annoying to users, they annoy IT teams, they are hard to remember,” further demonstrating that passwords alone are not often sufficient to protect sensitive information.

So what happened?

According to Dropbox, the original hack started with a stolen password that was used to access an employee’s account and retrieve a data set of user information. The company claims that they have put additional measures in place to ensure that it does not happen again.

TUMBLR

If you venture into the dark web, you will find more than Dropbox user information for sale. Tumblr announced in 2016 that they too had been the victim of a hack three years prior that resulted in the compromise of 65 million accounts, with all of the sensitive data available for purchase.

Moreover, like Dropbox, the Tumblr passwords and email addresses were salted and hashed, making it tough for anyone obtaining them to make practical use out of them.

So what happened?

It is not clear how the breach occurred, and Tumblr has been relatively tight-lipped about it.

In a statement, Tumblr admitted that the data breach was authentic but claimed that due to the difficulty of decrypting the information it was highly unlikely that accounts had been accessed. Still, because of the lax practices many individuals employ with regard to setting their passwords, it is not out of the question to presume that this sensitive information could fairly easily be deduced.

WHAT WE CAN LEARN

The common thread in these three examples is the relative ease with which hackers were able to gain sensitive information. These were not cases of using sophisticated applications to brute-force their way into highly secure networks. On the contrary – Yahoo, Dropbox, and Tumblr were the victims of their own complacency.

What can we learn from these hacks?

  • Large numbers of user accounts were compromised at one time

  • The Yahoo attack showed that the ubiquitous cookies are a potential vulnerability

  • Dropbox’s hack was the result of a single password being used to access millions of accounts

  • All the stolen information was available for sale

  • Salting and hashing, while making it difficult to decrypt the data, cannot stop a hacker from deducing passwords cross-referenced from other breaches

  • Passwords are a weak form of data protection
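The points above about MD5, salting and reused passwords can be made concrete with a short storage sketch. This is an added example, not code from any of the companies discussed; the breached-password list, the 12-character minimum and the iteration count are constructed assumptions.

```python
import hashlib
import hmac
import os

# Constructed sample: passwords assumed to have appeared in earlier breach dumps.
BREACHED_PASSWORDS = {"123456", "password", "password1234", "qwertyuiop123"}

PBKDF2_ITERATIONS = 600_000  # assumption: tune to your own hardware budget
MIN_LENGTH = 12              # assumption: local policy value


def md5_unsalted(password):
    """Legacy scheme (plain MD5): fast, and identical for every user with this password."""
    return hashlib.md5(password.encode()).hexdigest()


def hash_password(password, salt=None):
    """Salted, deliberately slow hash (PBKDF2-HMAC-SHA256). Returns (salt, digest)."""
    salt = salt or os.urandom(16)  # fresh random salt per account
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, digest


def verify_password(password, salt, expected):
    """Recompute with the stored salt and compare in constant time."""
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, expected)


def acceptable_new_password(password):
    """Salting cannot help a password that is already public, so refuse it at signup."""
    return len(password) >= MIN_LENGTH and password.lower() not in BREACHED_PASSWORDS


if __name__ == "__main__":
    # Two accounts, same password: MD5 digests match, salted digests do not.
    print(md5_unsalted("hunter2hunter2") == md5_unsalted("hunter2hunter2"))
    print(hash_password("hunter2hunter2")[1] == hash_password("hunter2hunter2")[1])
    print(acceptable_new_password("Password1234"))
```

The salt only stops one cracked digest from revealing every account with the same password; the signup check is what addresses passwords carried over from other breaches.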

HOW TO PROTECT YOUR INFORMATION

With these takeaways in mind, there are several steps you can take to ensure the security of your network. These include:

  • Using two-factor authentication instead of a single password to access sensitive information

  • Ensuring you update your software and deploy security patches

  • Establishing robust security procedures and enforcing them so that all employees work together to deter data breaches

  • Using data encryption to ensure that any data obtained illegally cannot be easily accessed

  • Ensuring that your system is protected against viruses and malware

  • Minimizing the number of administrator accounts that can provide easy access to sensitive data

Learning the lessons of these security breaches and implementing safeguards to counter them can help your organization remain safe and secure. Taking these minimum steps can help save you from becoming yet another frightening statistic.

Tech Group offers comprehensive IT services to companies and organizations in Miami and the South Florida area. We have 25 years of experience helping businesses overcome technology hurdles to help move them forward. Contact us to learn how we can empower your technology to help you reach your goals.