In this day and age, security incidents are almost inevitable. Executives must constantly consider not just how they can protect against cyberattacks, but—perhaps more importantly—how their organization will bounce back when an attack does occur. Our eBook addresses 4 steps CISOs can take to improve cyber resilience.
When one area of an enterprise is breached, an adversary can move laterally across the enterprise, compromise some valuable asset, and then exfiltrate data or do damage. This is what happened during the 2017 Equifax breach, the 2020 Twitter breach, the 2021 Microsoft Exchange Server hack, and the 2021 Kaseya ransomware attack.
In May of 2017, hackers accessed the American credit bureau Equifax through a weakness in a third-party software that Equifax hadn’t yet updated. As a result, the bad actors gained access to Equifax’s internal network, compromised employee credentials, and searched the database as supposedly authorized users. An estimated 143 million U.S. customers’ sensitive information—including social security numbers and addresses—was exposed due to the breach.
Like many disasters, the Equifax incident was entirely preventable. A 96-page report released the year after the breach claimed that Equifax failed to modernize its technology, ignored important system updates, and stored sensitive data on out-of-date systems. By failing to prioritize a known risk and achieve a cyber-resilient position, Equifax put itself in a position to be severely compromised.
In the midst of the 2020 global pandemic, Twitter fell victim to one of the biggest social media cyberattacks in history when 130 verified accounts—from Elon Musk to Kim Kardashian—were hacked to con money out of followers.
According to Twitter’s official statement after the incident, the attackers manipulated some Twitter employees to access internal systems and send the tweets. The ultimate consequence of the attack wasn’t just users’ lost money. Twitter’s credibility as a platform was also in jeopardy. If verified accounts couldn’t be trusted, what else was at risk?
Not surprisingly, the role of chief information security officer was vacant at the time of the attack. The previous security chief had joined a cyber resilience firm the year before. Less than two months after the July breach, Twitter announced the hiring of its new CISO.
At the beginning of 2021, Microsoft became aware of four zero-day bugs that were being actively exploited by a China-backed group of hackers who stole email mailboxes and address books from tens of thousands of United States organizations.
While the attack didn’t pose a threat to national security, it did draw the attention of the White House and the FBI due to its economic implications. Even after Microsoft released patches to fix the vulnerabilities, they did not remove backdoor code left behind by the hackers, so the FBI had to step in to make sure the affected organizations wouldn’t be subject to this type of breach again. The remediation costs were devastating for thousands of companies.
The Florida-based information technology firm Kaseya jeopardized 800 to 1,500 businesses around the world due to a ransomware attack on its systems. One of the software tools Kaseya provides to clients was subverted in July 2021, enabling hackers to paralyze hundreds of businesses on five different continents. Rather than stealing valuable data, the Kaseya hackers demanded $70 million in exchange for restoring functionality for all the affected businesses.
As ransomware attacks become increasingly disruptive, ransom payments pose a continually greater threat. In the event of a breach, companies cannot afford to sacrifice millions of dollars in ransom payments on top of the money they’ll lose due to productivity failures and lack of trust.
Improve Your Cyber Resilience
In most cases, data breaches follow predictable patterns. Our eBook outlines the steps you can take to identify those patterns and avoid disasters like those in recent news.
Is your organization prepared to withstand an attack—or bounce back quickly after one occurs? TruOps was created to help you achieve cyber resilience. Set up a demo here.