Kaspersky: Data breaches on the rise

Published June 10, 2021, 6:46 AM

by Emmie V. Abadilla

An enterprise-level company hit by a data breach will lose over P52 million; a small and medium business will bleed at least P5 million, on top of reputational damages which result in loss of customers, according to the latest findings of global cybersecurity firm Kaspersky.

A data breach happens when private and confidential information is exposed or shared without the owner’s permission.

Cybercriminals usually breach a system through social engineering, tricking someone to divulge information or enable access to data networks.

Among Kaspersky users in the Philippines, the cybersecurity firm reported a 160.43 percent rise in detected web threats under social engineering attacks from the first quarter of 2019 to first quarter of 2021, from 7,674,407 to 19,987,120.

Anyone can be a victim of a data breach – a company, a government or an individual.

If a government organization’s classified information is compromised, military operations, political dealings and details on critical national infrastructure can be threatened.

An individual whose data has been breached could become a victim of burglary or car theft if his home address, location or vehicle registration details are shared publicly.

Worst, the individual’s identity could be stolen.

If his device is hacked, he could lose personal photos and videos, lose access to his online accounts like social media, email and then get blackmailed, lose money if cybercriminals get hold of his financial information, or be charged for loans if they get his social security or passport details.

In April, this year, almost 900,000 Facebook accounts of Filipino users were included in a large-scale data leak that affected over 506 million users worldwide.

In the same month, some 345,000 sensitive court documents of ongoing legal cases were found to have been made publicly available.

Earlier this year, the data of about 3.3 million users of an online lending platform was reported to have been sold on the dark web.

In 2019, the country’s military database was hacked into – exposing personal details of almost 20,000 personnel.

In the same year, private details of about 900,000 clients of a pawnshop operator were affected by a breach.

However, the biggest data breach in the history of the Philippines was the leakage of personal information of 55 million Filipino voters in 2016.

Neighboring countries such as Singapore, Malaysia, Thailand, Vietnam are all in the same predicament, making the region a hotspot of data breaches.

“Generally, a data breach happens due to weaknesses in user behavior (human) and technology,” according to Yeo Siang Tiong, Kaspersky’s General Manager for Southeast Asia.

“Our devices get more connective features so there are places where data could slip through. There is no specific sector or person that’s being targeted as cybercriminals do not discriminate. Anyone is vulnerable,” he warned.

Cybercriminals responsible for data breaches use manipulation techniques like social engineering to exploit human error and penetrate the system.

Social engineering tricks come in many forms, from offering time-sensitive opportunities, mass phishing, carrying out personalized and targeted attacks, intercepting communications, posing as someone legitimate, and many more.

Kaspersky put out a five-step guide for companies of all sizes dealing with a data breach.

First, assess the situation.

Evaluate the risk of the data breach to customers. If it’s a high risk, inform the customers without undue delay, perhaps even before reporting to authorities, and give them advice on what to do next.

Second, be transparent.

In 40% of businesses around the world, employees hide an incident when it happens, increasing the damage caused and resulting in customers losing trust in the business on top of negative news coverage.

Third, document everything.

Record what happened, the steps taken and why the breach was reported or not reported.

Fourth, learn lessons.

Once the cause has been identified, fix it and make sure all staff receive training in how to prevent future breaches. Human error causes most data breaches.

Fifth, notify parties.

If one is processing data for other organizations, don’t forget to tell them about the breach. They will have steps they must take too.

On the other hand, individuals who fall victim of identity theft must discover the source.

To correct the problem, they should find out the origin of the attack.

To limit exposure, they should ensure they are logging in using a secure connection.

Also avoid using linked accounts and similar passwords so cybercriminals can’t daisy-chain one’s information.

“Daisy chaining” allows all of one’s accounts to be compromised by breaking into just one.

Run a reliable antivirus solution to detect and remove malware in one’s devices.

Start making calls. Begin with any companies where fraud occurred and ask them to close or freeze one’s accounts and change all of the login and password information.

Cover your bases. Keep an eye on credit reports beyond 90 days and flag anything fraudulent immediately.

Limit the amount of credit services used to reduce the long-term impact of identity theft.

To prevent data breaches, Kaspersky recommends being on the lookout for new patches and updates for your software.

Keeping the operating system fresh and running the latest version simultaneously removes outdated features and brings in fixes to previous security flaws.

This practice is usually mandatory for organizations but is optional most of the time for individual users.

Encryption is key to protecting extremely sensitive information and assets.

Not only is it cost-effective to implement, but it can also give an additional layer of protection for remote workers as well as increase the integrity of your data.

For individual users, there is a wide array of free or low-cost encryption software available online.

Using devices that are no longer supported by the manufacturer will attract unnecessary risks.

Upgrading devices ensures that users are protected against newer vulnerabilities.

Although businesses might be hit with a substantial expense in the upgrading process, data breaches are proven to be more costly.

Enforce strict Bring-Your-Own-Device (BYOD) security policies by requiring the use of business-grade VPN services or antivirus software.

Social engineering tricks usually target employees or individuals that have access to an organization’s networks and systems through insecure devices.

Observe safe practices like using strong credentials or activating multi-factor authentication.

Educate employees on how to avoid socially engineered attacks and use the best security practices.

Knowing how these attacks propagate is half the battle. Individual users must also take it upon themselves to be knowledgeable on how to spot a potential attack when there is one.