In past blogs, we’ve talked about some of the more common cybersecurity threats. But how dangerous is the web, and how much risk of losing data do you have?
Today we’ll talk about a few of the most widespread threats that need your full attention.
Windows 7 End of Life
When it first came out, Windows 7 was very popular, and it still is. Now, when we say popular, that isn’t an exaggeration. According to a quick Google search, Windows 7 appears to be running on at least 100 million machines worldwide, despite Microsoft ending support for the operating system in 2020.
Because there is no more support for Windows 7, that means no more fixes, updates, or patches for security. This gap in protection leaves a lot of people open to attacks and at risk of losing data.
In case you weren’t aware, the most important reason for upgrading your OS is security-related. So, when Microsoft stops updating security on these systems, it’s just a matter of time before your system becomes an easy target for hackers.
Marriott’s Data Breach
Don’t think that hackers only target little old ladies on 15-year-old computers. Marriott Hotels, one of the largest chains in the world, was fined the equivalent of $123 million for a breach that exposed the private information of over 332 million customers. Even though the hotel chain was the victim, they are the ones who are responsible for what happens on their servers, as you are responsible for storing your clients’ data.
What makes this even scarier is that, while Marriott spends quite a bit on their security, they still didn’t detect the breach for nearly four years. This gap shows that the amount spent on a security system doesn’t mean anything unless it is current, well implemented, and monitored.
One of the biggest trends in ransomware is the targeting of specific industries. Why is this so scary? Well, the most dangerous enemy is someone who knows how to hit you where it hurts most. One example of an industry-specific threat is LockerGoga. This particular software cripples manufacturing firms by forcing their automation systems offline. This disruption is key to the efficiency of the breach. As of this writing, LockerGoga has already affected industrial manufacturing facilities in two continents, nearly shutting down all production. And it also seems that hackers are upping the ante, demanding ransoms in the hundreds of thousands and millions of dollars.
While not excusable, it’s still understandable why someone would want to hack your business: money. But if you’re a medical or charitable organization, you should be safe. Right? Not so fast! For reasons that are not always clear, this year has been especially difficult for data breaches in this sector. Organizations in Europe and Asia, ranging from charities for abused children to HIV clinics, have been breached. While in the US, at least 145,000 individuals seeking treatment for addictions at various facilities had their information stolen from a single server. One would think that even hackers would have some sense of decency, but as the saying goes, “There’s no honor among thieves.”
Your Staff is your Biggest Risk of Losing Data
We all know that Hackers and other criminals are working hard, finding ways to break into your business. But their job gets difficult when employees receive training in the dangers of phishing scams and ransomware. Employees who open the wrong attachments on emails cause about 70% of all malware infections. Up to 50% of your sensitive data, along with your client’s data, can be breached through your employee’s smartphones, tablets, and laptops. And don’t get us started on poor password management.
Not Even Your Donuts Are Safe
In 2020, Dunkin Donuts experienced two hacks within a six-month timespan. The good news was that the stolen information wasn’t super sensitive — it was related to their DD Perks program — but it shows that no data can be considered untouchable. What is odd about this particular instance is that the information went right onto the Dark Web for the highest bidder to purchase. This action may not seem like a problem until you read between the lines. The information contained private usernames and passwords, which don’t matter unless someone wants that free cup of coffee your points earned. However, since many of us reuse the same username and passwords for various accounts, the hackers might find a way to steal more data. It could be just a matter of finding out what other services you use or even which bank you do business with before the thieves gain access to your most critical information.
Unfortunately, we don’t live in a safe world. Every day someone is trying to breach computer systems to grab any tiny morsels of value. The most important lesson we can learn is never to let our guard down. There’s nothing special about you or your system that makes you invulnerable to potential data theft. As long as there is a single penny to be made, it seems that someone is willing and able to attempt to swipe it.
Invest in the best cybersecurity you can get. Don’t be the next company to have your data sold on the Dark Web. If you’re not sure about your current cybersecurity, contact us to set up a meeting to discuss the newest security systems. When it comes to the safety of your data, we recommend that you be proactive and not reactive.