6 Lessons From Major Data Breaches This Year6 Lessons From Major Data Breaches This Year
Though many incidents stemmed from familiar security failures, they served up — or resurfaced — some important takeaways.
September 22, 2021
Data breaches can have many causes, but most of them boil down to an organization failing to do something or detect something they should have if they had been following security best practices.
Even so, these attacks can reveal a lot about the bad guys' tactics, techniques, and procedures, the state of malware, and developing trends on the threat horizon.
Many ransomware attacks, for instance, might have the same root cause — like a poorly configured RDP server that provides an initial foothold on the network, or a user clicking on a malicious attachment and downloading malware on their system. Yet today's ransomware attacks are very different from those of even a year ago. Many involve double- and triple extortion schemes where attackers not only encrypt data but also use data theft and denial-of-service attacks as additional forms of leverage. As a result, the impact of ransomware attacks — and the responses to them — are different today than they might have been just a year ago.
Similarly, while phishing continues to be one of the most common initial attack vectors, phishing schemes themselves have become a lot more sophisticated and targeted, with many attacks now combining the use of email, text messages and phone calls.
Here's a look at some breaches or clusters of similarly themed attacks over the past year that served up (or resurfaced ) some key lessons for security leaders.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023