Recent Cyber Attacks and Vulnerabilities Worth Our Attention
By Matt Brennan
The reality of cyber attacks is upon us – whether we like it or not. These attacks are not just something that faceless governments and organizations need to worry about. Individuals need to take steps to protect their personal data online as well.
Events over the last year give off the impression that nothing seems safe online. Below are some of the most prominent attacks and what individuals and companies can learn from the experience.
Hackers broke into the Equifax database and compromised the personal data of 145 million people. This was considered among the most significant data breaches because of sheer size, and the sensitive information exposed – everything from social security numbers to addresses.
The company also delayed two months before reporting the attack – and the public doesn’t know who is responsible.
The Equifax attack raises concerns of how much information data brokers are able to obtain, and who maintains responsibility for that information. It’s also critical for businesses that undergo a breach to report it immediately, to begin the process of damage control.
Businesses also need to do everything possible to quickly patch vulnerabilities, so they don’t remain exposed to hackers.
Every one of Yahoo’s 3 billion email accounts were hacked in 2013. The company only found out about the breach in 2016 – and first reported that 1 billion accounts were attacked. No one yet knows who was responsible for that breach.
Email provides a wealth of unencrypted user data. The hackers had total control of the accounts, security questions, and could also access recovery accounts listed that were outside of the Yahoo system. End-to-end encryption with no centralized points of attack can help cut down on vulnerability.
An unsecured Amazon S3 server has exposed the personal information of tens of thousands of FedEx users. There were scanned documents such as passports, driver’s licenses, security IDs, and more. FedEx certainly isn’t the only company to experience data vulnerabilities this way.
For example, Tesla’s AWS servers were hijacked by cryptominers. It’s a vulnerability not unique to Amazon, but possible with any cloud provider.
You can make use of new AWS tools to create a more secure experience for your customers. It also helps to schedule more frequent audits of your cloud platform and to better look for security risks on your own.
Advancements such as cloud computing, open source software, and SaaS make it possible to run your business more efficiently than ever. But these conveniences often come with a price. It’s critical to factor in the security of your customers’ personal data into the development process.
New regulations such as Europe’s GDPR make it increasingly important to take these extra steps to guard the data that is crucial to your business. Let these examples be a lesson and make sure that you are doing everything you can to protect sensitive information.