Another day, and another data breach has hit a large company that could potentially impact millions of people.
The data breach at the US credit card company Equifax has reportedly exposed the social security numbers and other data of around 143 million Americans.
Cyber security experts from the tech industry have been quick to react to yet another data breach, CBR lists their insights and recommendations.
David Emm, principal security researcher, Kaspersky Lab
“This is yet another case of a breach becoming public long after the incident itself occurred, which underlines the need for regulation. It’s to be hoped that the GDPR (General Data Protection Regulation), which comes into force in May 2018, will motivate firms to, firstly, take action to secure the customer data they hold, and, secondly, notify the ICO of breaches in a timely manner.
“The best way for organisations to combat cyber-attacks is by putting in place an effective cyber-security strategy before it becomes a target. Customers that entrust private information to businesses should be safe in the knowledge it is kept in a secure manner – and businesses should use security solutions to significantly mitigate the risk of a successful attack. There are also other measures that companies can take in order to provide thorough protection, which include running fully updated software, performing regular security audits and performing penetration testing.
“Consumers have no control over the security of their online providers, but they can mitigate the risk of a security breach of an online provider’s systems. We would recommend that everyone uses unique, complex passwords for all their online accounts, and we would also urge people to take advantage of two-factor or two-step authentication where a provider offers this.”
Ondrej Vlcek, CTO and General Manager, Consumer, Avast
“It is still not clear what kind of vulnerability was taken advantage of in the Equifax breach, however it is likely it was a leak through a web application flaw. It is unacceptable that credit bureaus which hold so much personal information which they then sell, can allow such a breach to happen and practice poor security hygiene.
“We speculate that the attackers used a SQL injection to gain access. Hackers are consistently searching for these vulnerabilities, and companies, especially those with access to so much sensitive information, need to significantly increase their diligence in maintaining security of their data. This is one of those cases where there is unfortunately really nothing consumers can do except be vigilant. We expect it is only a matter of when, not if, this data appears on the Dark Web market.
“At this point there are a few actions potential victims can take to help ensure they are protected. First closely monitor all email, social, credit card and bank accounts closely for suspicious activities. Second, consider looking into a credit freeze that will stop hackers from using your identity to accrue debt. Also, don’t respond directly to emails and other messages notifying you that you’re a victim. They may be scams. Instead, open up a new tab and log in directly to the site in question, or call the support center number listed on their site.”
Nigel Hawthorn, chief European spokesperson at Skyhigh Networks
“No doubt Equifax has been working feverishly behind the scenes since it found the breach in July. All businesses must think about the steps they would take in similar circumstances to investigate a breach, track the data lost and put together a communication plan to customers. Not having a pre-prepared and tested incident response plan causes delay in disclosing data loss which simply opens up the company to further criticism and reputation damage when information is eventually publicised. Moreover, companies have to ensure that they are aware of every outsourcer, business partner or cloud service that may be sharing data, as similar breaches at any of those will have repercussions up the chain.
“For all of us as consumers, we need to recognise that someone may have, and lose, our data even if we don’t deal directly with them.”
Andreas Kuehlmann, senior vice president and general manager, Synopsys, Software Integrity Group
“We’ve grown accustomed to data breaches, but what events like this and the recent ransomware outbreaks bring to light is that the scope and impact of cyberattacks are intensifying. We are more interconnected and dependent on software than ever, and when that software or those who maintain it are compromised, the consequences are becoming increasingly disruptive. It is imperative that organisations take a more proactive and aggressive stance on security – and it starts with building more secure software.”
Chris Morales, head of security analytics at Vectra
“Equifax needs to raise their cybersecurity score. Enterprises have to realise they cannot address cybersecurity by simply spending money on intrusion prevention solutions and instead need to shift investments to detection and response solutions that are being used by today’s advanced attackers.
“The cyber attackers gained a foothold by seemingly exploiting a web application vulnerability. From there, they most likely escalated privileges, abused credentials and admin protocols, moving laterally through the network, which businesses rarely have the necessary tools to detect.”
Anthony Di Bello, Sr Director of Product, Guidance
“Equifax’s breach is yet another data point (albeit a massive one) in the new reality of “continuously compromised” organizations. Make no mistake about it: these breaches will continue to happen and make headlines. Our research found that one in four businesses suffered direct financial losses due to a cyber attack in the past year (and organizations reporting “significant financial losses” tripled).
“Almost two-thirds had fallen victim to malware-related breaches. We’re in a new reality where it’s not just “will my company get breached?” But a question of when. Fighting back requires a well-planned endpoint detection and response strategy that can mitigate the otherwise crippling repercussions businesses are increasingly seeing from these cyberattacks.”
This article is from the CBROnline archive: some formatting and images may not be present.