2018 has been a year in which we have had some good news, like increased awareness of cyber risks and a decrease in overall breaches. However, this also comes with bad news as more breaches fall into the mega-breach category and more scams become personalized for each company. Some of the sectors that saw the most — and largest — breaches were healthcare providers and financial institutions. These breaches cost companies hundreds of thousands to millions of dollars to recover from. Here’s a look back at the biggest takeaways from 2018.
Mega-breaches
The number of breaches overall has gone down, which would seem like a win. However, more breaches are falling into the mega-breach category, meaning they expose thousands more records than normal breaches. These are the kinds of things you hear about in the news, such as incidents that affected companies like Facebook and Marriott. Facebook saw 50 billion of its users affected by a breach of their personal information stored on the site, while Marriott saw 500 million customers’ records breached, according to Forbes. On the healthcare side, a breach at Atrium Health saw the records of 2.65 million patients and employees compromised.
Targeted Attacks
According to Healthcare Informatics, a 2018 study found that mobile device phishing attacks had gone up by 85 percent year-over-year since 2011. Many employees use their phones to access their email, which is what hackers are counting on to get access to a company’s data. This highlights the importance of informing employees of best practices while dealing with suspicious activity, even when they are away from work. Since many websites and apps have personal information and can track your every move with cookies, hackers are able to access personal information about employees and companies in order to create a personalized and generally more successful phishing campaign, according to CSO Online. Employees are your first and best defense against hackers — make sure they are aware of this.
Cryptomining
Cryptomining has taken over as a staple in the hacker’s handbook. This process involves a hacker placing bots in your system and instead of stealing data, they steal processing power. This is so popular because it is virtually undetectable. Read more about it on our blog. According to TechSpot, a study by McAfee found that instances of cryptomining have gone up 4,000 percent in the past year, making it one of the biggest threats to keep an eye out for in the new year.
Cyber security is getting the attention it deserves by companies, but there is still work that needs to be done. There is a cyber security talent shortage that needs to be filled if there is any hope of fighting the hackers who are sending out thousands of phishing emails a day to companies. The best thing for companies is to start 2019 off right with a review of best cyber security practices and come up with a cyber security plan for more protection. One easy step: require two-step authentication when employees access their emails. This alone will help in decreasing the number of successful breaches in 2019.
MDL Technology has an array of cyber security services to keep your data safe. Check it out here.