Despite rigorous security efforts by all organizations, cybercriminals continue to find new ways to exploit personal and business data. Data breaches in the first nine months of 2023 increased by nearly 20% compared to all of 2022, and ransomware attacks increased by nearly 70% over the same period.
In fact, data breaches reached an all-time high in 2023. According to the MIT professor, this trend is being driven by increased online interactions that make personal data a target for criminal activity.
Organizations are not unaware of rising cybersecurity risks. In fact, cybersecurity has escalated from an IT-level discussion to a C-suite and boardroom issue, with global spending on security and risk management expected to reach $215 billion in 2024, according to research firm Gartner. But hackers are finding more creative ways to bypass security measures, motivated by the trove of unencrypted personal data collected and stored on corporate systems, said Madnick, co-founder and co-director of cybersecurity at MIT Sloan.
He said hackers repeatedly attempt to penetrate networks once they realize that an organization is vulnerable to attack. In fact, from March 2022 to March 2023, 95% of the organizations surveyed by IBM responded that they had experienced multiple data breaches.
“Most companies are aware of this threat and are working to improve their security, but the bad guys aren't staying silent either,” Madnick said. “We have to think beyond what we did for conservation last year.”
In a new report, Madnick identifies three main reasons behind the recent increase in personal data theft: misconfigurations in cloud environments, the emergence of new and more dangerous types of ransomware, and increased exploitation of vendor systems (an attack vector sometimes referred to as supply chain violations).
Three main cyber attack vectors
Madnick and his team identified three scenarios that contribute to the increased frequency and impact of recent personal data breaches.
According to a 2023 report, over 80% of data breaches involved data stored in the cloud.
Cloud misconfiguration. Businesses are moving massive amounts of data and core systems to the cloud, with an estimated 60% of enterprise data now residing in the cloud. However, technology is still evolving, and many IT organizations do not have employees familiar with the nuances of cloud configurations and procedures required to properly protect their data. According to IBM research, more than 80% of data breaches involve data stored in the cloud. Madnick said cloud misconfigurations such as failure to change default settings, unrestricted ports, and insecure backups are just some of the ways hackers gain access to cloud-based data and services.
Organizations can reduce their vulnerability to configuration mistakes by addressing security early in the system build cycle, hiring or developing the right people and skill sets to configure dynamic cloud environments, and conducting appropriate auditing and monitoring.
The evolving and growing ransomware threat. Ransomware attacks, in which hackers take control of an organization's data and demand a ransom in return, are becoming more common and changing in nature. Until now, companies affected by ransomware have faced business outages and had their corporate data locked down. Today, it has become the norm for bad actors to take aggressive actions such as stealing personal data collected and stored by organizations or threatening to leak stolen consumer data to the dark web. In other words, they are adding intimidation to the ransom attack.
Madnick said more advanced ransomware techniques, including those incorporating artificial intelligence and collaborative efforts by ransomware gangs, are contributing to the increase in ransomware attacks. Ransomware-as-a-service (essentially a “commercialized” version of malware available to bad actors) is also fueling attacks.
Diligent data backup and recovery remains an important protection tool for corporate data. Organizations also need to monitor and prevent data leakage from internal systems and employ encryption to ensure stored data is not useful to attackers, Madnick said.
Vendor exploitation attacks. Mission-critical accounting, inventory, and customer management systems from vendors used by companies also provide a means of entry into the company's systems (what Madnick calls “side doors”). These side doors allow vendors to provide regular updates and patches, but they also allow attackers to exploit vulnerabilities in vendors' systems to reach customers using those services. This is a vector known as a supply chain attack.
One unpatched vulnerability in one vendor's software can give hackers access to personal data at many organizations around the world that use that vendor's software. In one example cited in Madnick's report, hackers exploited a vulnerability in the MOVEit managed file transfer software, impacting more than 2,300 companies in more than 30 countries. As a result, as of October 2023, the personal data of more than 65 million people was compromised.
To avoid or minimize the damage from this scenario, Madnick recommends using a professional firm to assess the cybersecurity health of potential vendors. It is also important to take steps to minimize vendor side door capabilities by limiting vendor access to only what is necessary.
Other recommendations for companies from the report include:
- Limit the amount of personal data stored in readable format.
- Employ solutions that implement end-to-end encryption to reduce the amount of vulnerable data stored that poses risks to individuals.
- Don't be an ostrich. Recognize the seriousness of the current situation, invest in the right tools, and educate your broader workforce about cybersecurity responsibilities accordingly.
“There is little you can do to ensure you are not a victim, but there are many things you can do to be safer that are not being done,” Madnick said.
Read the report: “Continuing threats to personal data — key drivers behind growth in 2023”