How do you define what happens after a successful hack?
We all read and hear about different types of cybercrime and its different levels of impact. As a IT company we hear about companies whose network has been liable, leading to the loss of important and sensitive information.
There are three simple categories: those who break in, what they use to break in and what happens after a break in.
Who is trying to break in to your accounts?
Malicious hackers: A person or a group of individuals who make a concerted effort to break into an organisation’s network or a personal computer or device to do harm of some kind. They are often in it to make money and work somewhere in the Dark Web. These individuals are called Black Hats. Malicious hackers can also be those who have been tasked, as citizens or otherwise, to instigate a nation state-sponsored attack meant to disrupt operations or steal information from a government organisation or company in the private sector within another nation-state.
Hacktivists: A person or group of people who might either break in, or simply knock on the front door to prove they could break in if they wanted to. Hacktivists are not in it to make money. Their goal is to promote a personal or businesses agenda or affect social change. Basically, a hacktivist wants to make a point that networks and computers are not impervious to their attacks, and what they can view, extract, and share may be information they feel should be shared publicly. For example, Wikileaks is a well-known hacktivist group.
Ethical hackers: An ethical hacker, sometimes called a security researcher, will work to find and exploit a vulnerable piece of technology (aka a vulnerability). These individuals often identify a software or hardware flaw and inform the vendor that something needs a patch. For example, LastPass has a bug bounty program where security researchers can responsibly report any issues they find. When valid issues are found, they offer rewards proportionate with the severity of the issue. This is a great way to keep your product strong and safe.
What are they using to break into your accounts?
Software in the form of executable code or a script that has been programmed to break into a network or computer, to cause harm or not, has many names and forms. The overarching term for this is “malware” which is shorthand for “malicious software”.
Malware essentially activates itself once it gains entry through a vulnerability. The code itself has many names and variants including Virus, Worm, Ransomware, Adware, and Trojan Horses. Missing from the list is “bug” because it is a flaw (or mistake) that made its way into existing software or hardware by the engineers who programmed it.
What happens after your accounts have been compromised?
We hear “data breach” in the news associated with companies like Marriott and others. A data breach is an after-effect of a security event or incident. From a legal perspective, what it is called makes a very big difference.
Security event: This is when something has occurred that presents a security risk to any degree of severity. It is essentially a noticeable change in the typical behaviour of network, system, process, or computer. It can range from a normal event that does not require a response, to an emergency event which requires immediate action.
Security incident: The difference between an event and an incident is human. An incident is something that can be determined to be caused by a person or group of people. An incident can become a serious situation when it is determined that there is malicious intent behind it. As a point of clarification, all incidents are a form of an event, yet not all events constitute an incident. For example, when there is a defect or flaw (aka our friend the bug) there may be a technical failure as a result. This is a random event, and not an intended, malicious one.
Data breach: This is a type of security incident where sensitive information has been exposed and stolen due to unauthorised access. A Business that has suffered a data breach is bound by regulations such as HIPAA to inform those who have been affected by the loss of their personal information such as credit card numbers or patient health information (PHI).
How to keep your business from getting broken into?
To Keep your business secure, you need a multi-layered approach. Businesses should adopt the following:
- Purchase security software to protect against viruses and ransomware attacks.
- Invest in Email filtering software that prevents phishing attacks reaching your network.
- Implement Two Factor Authentication wherever its available.
- Adopt a good password policy and password management.
- Training for all members of staff so that they know what a phishing email looks like.
- Penetration testing to identify any weak points on your network.
- Configure a firewall to prevent hackers being able to access your network.
- Enable sand boxing technologies that scan emails and test them before they are delivered.
Source : https://blog.lastpass.com/2019/03/whats-difference-hackers-malware-data-breaches.html/?cid=LP_Global_ADH_Newsletter_Free&utm_medium=email&utm_source=newsletter&utm_campaign=lp-global-en-adh-free-2019-06-18-newsletter-free&utm_content=free&mkt_tok=eyJpIjoiWkRNd05UaGlaVFF6TlRnNCIsInQiOiJrTEV3enR4ZUl4eXNEM3Zld2ZoT1wvb3lqYVRcL3BDcDBlZytnRDBsZ0tcLzhxUWs3N3NBSk9VNmFEUGw0a1grYjJhZml3d2xoVjFqaVNsOTljMlBtY0FZVWVxdDUrOGhhWHJCaVU3XC9LaXNzMmVlNlVMT05wQnV0WkVnajQzSGVTc1EifQ%3D%3D