Cyber Criminals Target Data, not Industry
August 09, 2019 | Data Breach, Cyber Threats, Dark Web
Today, data breach incidents have become common news headlines across the globe. A layman’s psychological traits drive the idea of any data breach incident towards financial institutions. According to the trends and our findings, we come across several instances where people estimate the common reason for any breach incident is to take hostage of confidential information, database of any financial organization. However, it is highly essential to realize that data breach incidents are never restricted to the financial industry; instead, today every industry is vulnerable.
Every Industry is Vulnerable
In today’s time, no industry is safe from data breach threats. Not even a week back, one of the reputed and popular automobile companies suffered a breach of 134m rows of system data mounting to almost 40GB size. This data was stored in an unsecured elasticsearch database, which stores, manages and retrieves document-oriented and semi-structured data. As a result, any user, who is aware of the company’s most sensitive data location, can access accounts, files or applications without any hindrance.
Even the company's security systems, networks or even technical data comprising of IP addresses, operating systems or latest patches become vulnerable due to uncontrolled access mechanism. This kind of data storage structure gives ample scope to the cyber crooks. It offers incentives to engage with anomalous activities and inflict huge losses to the organization.
If we shift our attention to other industries, then also we come across incidents which proves that BFSI industry is not the only victim of data breaches. Organizations from manufacturing industry suffered data breaches in the United States last year. Also, 32million patients’ records from healthcare organizations have already been breached in the first half of 2019 across the globe. Not only that, organizations from pharmaceutical industry and Government sector have also suffered data loss due to poor IT security infrastructure. Earlier, in a separate incident, a popular and global pharmaceutical giant suffered a massive data breach and their business came to a standstill for quite some time. Recently, 5 million Bulgarians’ records were hacked from the country’s tax revenue office. While the entire country has an overall population of 7 million, this hack is highly alarming and shows how an entire nation’s digital identities can be under stake due to IT security negligence and poor awareness. With so many incidents already in front of us, let us discuss why data breaches are never industry-specific.
- Every organization in every industry generates, accumulates and processes data
- Digital transformation has happened in every industry, hence security vulnerability of data assets exists everywhere
- Cyber crooks always look for confidential business information (eg. financial details, client details, business contracts, employee payrolls, revenue structure, operations records etc.) which has high demand in the dark web; it is the soul of any organization from any industry
- IT security awareness is given scant attention in organizations irrespective of industry and geography
- Preconceived notion of security vulnerability are tall barriers; it includes 1) Less number of devices, users are safe, 2) cyber crooks never target startups, 3) unconventional industry is comparatively safer from cyber threats
- While the pattern of threats are more sophisticated and advanced, any industry can be affected because sensitive information is available everywhere
The Bottom line:
Cyber crooks target data which are sensitive and confidential; they are least concerned about the origin, organization or industry of the data.
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behaviour Analytics enables to monitor end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Secure Compliance Management is a vulnerability assessment tool.