The biggest security breaches of 2016 weren't limited to one specific sector: no company or agency was safe. Some of the most notable breaches included:
The first big breach in 2016 was none other than the United States Department of Justice. This attack perpetrated in February was reportedly performed by attackers upset with the U.S.’s relation to Israel. They stole and publicly released over 30,000 names, titles, phone numbers and email addresses of FBI and DHS employees.
Verizon Enterprise Solutions, (Verizon’s security breach and IT services division that services businesses and government agencies), was hit by hackers who stole personal information of 1.5 million Verizon customers.
The popular online file hosting service Dropbox was forced to deal with a data breach that actually occurred in 2012, as it turned out the original attack had affected more users than originally thought. In August, it was confirmed that over 68 million Dropbox usernames and passwords had been compromised.
And yet again Yahoo made the headlines this year as it was revealed that a hacker had stolen information from at least 1 billion accounts, including passwords, full names, dates of birth, telephone numbers along with the security questions and answers.
Now while some of these things may seem fairly innocuous information to have stolen let’s explore what an intelligent hacker could do with that data: Whether we like to admit it or not, entirely too many people share account usernames, email and passwords. So if your Yahoo account had been compromised along with your password, the attacker can then take your account, and use the built-in password resets to break into your social media, online banking, and online tax filing accounts. Suddenly, that one email address breach doesn’t seem so harmless.
Outside of just stealing account information, 2016 saw the rise of several new trends in cybercrime.
The fastest growing trend is probably one of the scariest: Crime-as-a-service. The idea behind this is to make a legitimate, profitable business out of cyber-crime.
Have you ever received a call from a person claiming to be from the security software you installed on your computer? They'll say something like they've found some security breaches and need remote access to your system to patch these holes.
Sounds a little fishy doesn’t it? It should. As hard as it is to believe, there are call centers set up to run these calls. These people hope to remote into your system and install the actual malware payload. The payload typically installs ransomware, forcing you to pay a ransom to get your system operational again.
Ransomware-as-a-Service also saw a rise in 2016. There are actually variations of ransomware that are so user friendly that cyber criminals don't even need computer skills anymore. They can download the ransomware (for a small fee and/or a cut of the ransom) and start attacking.
Fortunately, as threats evolve, so do security measures. Though, don’t forget: there is never a 100% guarantee when it comes to data security and not tool or software is going to keep you safe if you’re not using basic data security best practices.
Two factor authentication while not a new concept is becoming more and more mainstream to stop attackers from stealing information. From bio-metric means such as the fingerprint scanner, and facial recognition software built into Windows 10, to PIN codes and chip readers for debit cards, the name of the game today is to have two methods for proving who you are.
There’s also an option to use Azure Active Directory two factor authentication to permit or deny users being allowed to authenticate to Azure Active Directory or Office 365 services. This service can use the source IP address or previously enrolling the computer in an approved list.
There are also additional methods of protecting physical equipment. BitLocker hard drive encryption prevents thieves from physically stealing the drives and being able to access the data as they wouldn’t have the encryption key to decrypt the data.
While BitLocker works at the hardware level there are other products, such as Symantec Endpoint Encryption, that work as a pre-boot client that actually encrypt and decrypt the drive prior to Windows starting up.
Services such as a sandboxing are now becoming more and more mainstream. The idea of a sandbox is to check downloaded files, whether from websites or email attachments, to ensure that they are what they claim to be. Most sandboxing services use a virtual environment that takes a copy of the file, uploads it to the virtual environment, opens it and monitors behavior. If the file begins generating bizarre traffic such as downloading a malware payload or redirecting web traffic, the file is reported as bad and stopped from being run in the live environment.
Companies are becoming more and more concerned and willing to spend more for security. Things like being able to analyze SSL encrypted network traffic and having a working disaster recovery plan in the event of a ransomware attack are becoming increasingly critical in technology budgets.
On the horizon, there is even talk of adaptive and behavior-based authentication to help combat the security problems in today’s world. Companies like Apple and Lenovo are working on integration bio-metric sensors into touchpads and keys to monitor typing speed and pressure on the keys. If these measures can help keep us all safer, I believe we may finally be a step ahead of the cyber criminals that seem to run, unchecked on the web today.