The five most common issues that cause a data breach


The number of data breaches at large organisations is growing and is also increasingly in the news. Think for example of the data leaks at Yahoo, Uber, here in the Netherlands at the GGD, RDC, allekabels and most recently at Nebu. Data breaches can lead to significant damage for the organisations involved, ranging from financial losses to reputational damage and legal consequences. It is therefore vital that organisations are aware of the most common weaknesses or vulnerabilities that can lead to a data breach and proactively address them. 

The five most common issues that cause a data breach

  1. Weak passwords
  2. Outdated software and systems 
  3. Insufficient security measures 
  4. Insecure access to data 
  5. Human error  

1. Weak passwords 

Perhaps the most common cause of data breaches is the use of weak passwords. When employees use weak passwords, they are easily cracked by hackers. It is important for organisations to make employees aware of the importance of strong passwords and two-step verification. Of course, that is not the only thing you can do as an organisation. By using the right tools, you can enforce the use of 2FA (two-factor authentication) or MFA (multi-factor authentication) and stricter password requirements for all users.

What is 2FA and MFA? 

Almost everyone is familiar with 2FA these days. You log in with your username and password and then you have to prove by some other means that it is actually you. This can be done via an (authenticator) app or by SMS/email, for example.  

Multi-factor authentication (MFA) is a security method that adds additional verification steps to the login process to verify a user's identity. Instead of just using a password, MFA requires the user to also provide other information, such as a code sent to their mobile device, fingerprint, facial recognition or a special hardware token. Requiring multiple factors to log in increases security and makes it harder for hackers to gain access to an account even if they know the password. 

Password Manager Pro from ManageEngine is one such tool. It allows you to set policies at three levels and ensure everyone is compliant. 
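To make the two-step login described above concrete, here is an added example (not code from the original article or from ManageEngine): a minimal login check that first verifies a salted password hash and then a time-based one-time code of the kind an authenticator app displays (TOTP, RFC 6238). The account data, salt and secret are constructed sample values; the code accepts one 30-second step either side of the current time to tolerate clock drift.

```python
# Added example: password + authenticator-app code (TOTP) login check.
# Standard library only; the account below is constructed for illustration.
import base64
import hashlib
import hmac
import struct
import time

# Constructed sample account: salted PBKDF2 password hash and a base32 TOTP secret.
# In practice the secret is generated at enrolment and shown to the user as a QR code.
SALT = b"constructed-salt"
PASSWORD_HASH = hashlib.pbkdf2_hmac("sha256", b"correct horse", SALT, 100_000)
TOTP_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"  # RFC 6238 test key, base32


def totp(secret_b32, timestamp, step=30, digits=6):
    """Compute the TOTP code for a Unix time (HMAC-SHA1, as most apps use)."""
    key = base64.b32decode(secret_b32)
    counter = struct.pack(">Q", timestamp // step)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    code = (struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF) % (10 ** digits)
    return f"{code:0{digits}d}"


def verify_password(password):
    """First factor: constant-time comparison of the salted hash."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)
    return hmac.compare_digest(candidate, PASSWORD_HASH)


def verify_code(code, now=None, window=1):
    """Second factor: accept the code for the current 30-second step, plus
    `window` steps either side to allow for clock drift between server and phone."""
    now = int(time.time()) if now is None else now
    return any(hmac.compare_digest(code, totp(TOTP_SECRET, now + d * 30))
               for d in range(-window, window + 1))


def login(password, code, now=None):
    """Both factors must pass: a stolen password alone is not enough."""
    return verify_password(password) and verify_code(code, now)
```

Note that an attacker who has only the password still fails `login`, and a code is only valid for a short time, which is the property MFA adds.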

2. Outdated software, applications and systems 

Outdated software, applications and systems can also lead to data breaches. Hackers often look for security weaknesses in outdated systems to gain access to sensitive information. It is therefore vital that organisations regularly update their software and systems to minimise security risks. For example, programmes like Vulnerability Manager allow you to audit all endpoints and scan whether all programmes and applications are up to date. Are updates needed? Then use Patch Manager Plus to update all endpoints. Want to ensure that all operating systems are up to date? Then use Patch Connect.

WordPress hackers are less relevant for large organisations, but they are a good example of hackers taking advantage of this. Is your WordPress installation or one of your plugins not up to date and does it contain a weakness that can be exploited by hackers? Then this will happen sooner or later.

3. Insufficient security measures 

Another common weakness is the lack of adequate security measures. Organisations should ensure that they have implemented appropriate security measures such as firewalls, anti-virus software, secure networks and access control systems. It is important that these measures are constantly evaluated and updated to ensure they meet the latest security standards. This is because hackers and their attacks are also constantly evolving, so if your system and measures are not, you will find that the risk of a successful attack is higher. 

There are also security systems today that work on the basis of AI and can react immediately when an attack occurs. Darktrace is one such system. Darktrace learns exactly what normal behaviour is within an organisation: the behaviour of users, files and more. As a result, Darktrace immediately sees when an anomaly (abnormal behaviour) occurs and will respond to it. Ideal when, for example, an attack takes place outside office hours.

4. Insecure access to data 

Another common cause of data breaches is insecure access to data. This can happen as a result of inadequate access control systems, such as password sharing and unauthorised access by third parties or inherited rights. Organisations should ensure that they have implemented proper access control systems and that access to data is only granted to authorised individuals. 

Inherited rights within organisations are a good example of this. This is about the rights and privileges that an individual or group has inherited from his/her predecessor or group. This means that the person who inherited the position automatically has access to the same privileges, without having to be reassessed or earned again. 

The problem with inherited rights is that they can lead to unearned privileges and access for individuals who may not be suited to them. Therefore, it is important for organisations to assess the practice of inherited rights and adjust it where necessary. For example, organisations can regularly review and evaluate the responsibilities and privileges of each position to ensure that the right person has the right position and level of access.

5. Human errors 

Human error is a common cause of data breaches. This can range from accidentally disclosing sensitive information to sending data to the wrong person. Organisations should train their employees, make them aware of the importance of data security and teach them how to store and send sensitive information securely. In addition, of course, hackers are always looking for opportunities to break into systems. One way they do this is through spoofing and phishing. Spoofing and phishing are both forms of cyber attack aimed at obtaining personal or sensitive information from an individual.

Spoofing is a technique in which an attacker fakes the sender of an e-mail, phone call, or other means of communication in order to mislead the recipient into thinking that the message comes from a trusted source. A common example is e-mail spoofing, where an attacker sends an e-mail with a forged sender address to trick the recipient into thinking the message comes from a known organisation or person. The aim is usually to get the recipient to click on a malicious link, or to obtain personal information by getting the recipient to reply to the e-mail. 

Phishing is a form of social engineering in which an attacker creates a fake website or e-mail that resembles a legitimate website or e-mail, with the aim of tricking the user into handing over sensitive information, such as passwords, credit card numbers, or other personal data. The goal of phishing is often financial gain by accessing bank accounts, or gaining access to the user's other accounts.

Both attack techniques are dangerous because they are designed to trick the user into thinking the communication is legitimate. It is important to be vigilant and to avoid suspicious messages and communications, especially when sharing sensitive information. There are also awareness programmes, such as KnowBe4, that make employees more aware of these risks.

Important for organisations to be prepared for anything 

In conclusion, it is very important for organisations to be aware of the most common weaknesses that can lead to a data breach and to act on them proactively. Not sure about security in your organisation or want more information on what you can do to better secure systems and prevent a data breach? Then contact our specialists.