What does a cyberattack look like? There’s no specific technique, target, or goal to unite them. They can be part of an anti-terrorism campaign, like the United States’ Stuxnet attack on Iranian nuclear refineries. They can be motivated by financial gain, like the recent trend of ransomware attacks that demand payment in Bitcoin before unlocking the target’s data. Some attacks are simply done for hacker clout, like the spade of DDoS attacks done in the 90s and early 00s. As time goes on, new cyberattack strategies are emerging that may define the rest of the decade.
In 2020, observers noticed an uptick in attacks that focused on securing and/or releasing corporate data. Attacks that resulted in a data ‘leakage” increased over the past year, and 2021 has continued that trend through January. On the first day of the year, over nine thousand data leakages occurred, a larger single day number than any day from 2020. With 2020 already representing a 93% increase in leakages over 2019, any continuation of the trend is threatening. Without a strong response to this trend from the public and private sector actors who work with confidential consumer data, it is likely to continue its astronomic growth.
So what are some of the steps that possible targets of these attacks can take to minimize their risk?
- identify what sensitive data your company holds and where it is stored
- periodically review whether the sensitive data your company holds can be deleted
- monitor user activity as it relates to sensitive data and limit non-essential access
In the case that prevention fails, and your business is affected by a possible data leakage attack, time is essential. Creating a strategy for security response teams prior to an attack is crucial to properly identifying the attack, quarantining the data, and limiting the scope of the leakage. If you or your company are looking for assistance in creating that plan, reach out to us at firstname.lastname@example.org.