Causes of Data Breaches | How To Prevent and Respond to Them

Data breaches are becoming so common that tools are being built for individuals to check if their information has been compromised. But what exactly is a breach, how do they occur and what actions can be taken afterwards to resolve any damage caused?

What is a data breach?

A data breach is when an unauthorised agency manages to access the protected, sensitive, or confidential data of an organisation. This might not always be to steal the data; in some cases it can be simply copied or viewed.

Breaches can be catastrophic for businesses. Allowing company data to be stolen leads to crimes such as identity theft, particularly when customer data including credit card numbers is the subject of the breach. Or corporate espionage where valuable plans, designs or other intellectual property is accessed by the unauthorised party.

A breach usually goes through the following 3 stages:

1. Probing – the unauthorised party seeks out vulnerabilities in an organisation’s security system. Such weaknesses will not always be systems based. Lax passwords or password sharing is a common form of human error that can lead to breaches.
2. Penetration – next, the unauthorised party enters the organisations network using one of the vulnerabilities they have discovered. Often this will be through inadequate security placed on routers and other connection devices.There are also instances where staff members and employees can be exploited. Blackmail or even the promise of a share of criminal gains can be used as leverage to get people to help an unauthorised agency access to a network.
3. Extraction – once the criminals are into a network, the final act is for them to extract the organisation’s data. This could be copying through the internet, putting onto an external device or even simply viewing the data and copying it out in the old fashioned method, by hand.

How do breaches occur?

Data breaches can originate from a number of sources, including physical breeches or from systems such as cloud-based computing. Although cybercrime and hacking is the top method of network penetration, this is not the only way that unwanted visitors are forcing their way into networks. According to a report by Verizon, the top 6 methods of breaking into networks are:

Physical Actions

This is when individuals are careless with company data. It could be the theft of paperwork with credit card numbers written down on it or a laptop stolen from the back of a car.

Privilege Problems

These breaches happen when workers either knowingly or mistakenly access data that they shouldn’t see or be able to alter. It can also be when authorised individuals abuse their power to access data and pass it on to criminals.

Social Engineering

Increasingly attacks are coming from criminals pretending to be banks, clients, auditing agencies or even law enforcement. This kind of con trick uses the trust of workers to gain entry to networks. It also concerns email and other electronic communications scams such as phishing, where people pretend to be a provider that the organisation already uses.

Human Error

No matter how many preventative measures are put in place, businesses still suffer from people sending emails to the wrong address, using obvious or common passwords or misconfiguring data so there’s no protection.

Malware

The internet is running awry with bots and spy programs that can access networks with little to no human help. Although this dangerous software can cause breaches, Verizon found that the main problem for businesses was actually Ransomware, which has become an increasing issue for everyone in recent years.

Hackers

Individuals or groups making concentrated efforts to access networks is still the top danger to organisations. These parties may make use of other problems in this list such as social engineering, malware and human error to gain access, but once inside they have the power to cause severe damage.

These types of data breaches can be grouped into three main categories of causes for security breaches:

Cause 1: Malicious, intentional or criminal

Cause 2: System glitches

Cause 3: Human error

We explore how these types of breaches happen may happen and their implications in more depth over on our ‘3 Main Causes of Security Breaches’ article.

What are the consequences of a data breach?

Needless to say, all the effects of a data breach are bad for the organisation concerned. In the first instance, the ICO (Information Commissioner’s Office) can fine you under the GDPR regulations. The maximum penalty is 20M Euros or 4% of annual global turnover.

When the dust has settled on the fine, the next problem is the reputational damage caused by the breach. Even if the intrusion was incredibly complex, the perception amongst the public will be that the breached organisation suffered from lax security and inadequate countermeasures.

Most customers will move away from a business that cannot keep their data safe. No one likes confidential information like health records getting out there into the public space. However, if the bank records and credit card numbers of customers are stolen then these individuals will have to take rapid action to avoid identity theft and this is likely to destroy any previous relationship with the organisation.

What to do if your company suffers a data breach

If your company suffers from a data breach then the most important next step is to stay calm. Several experts offer their opinions in this article from Digital Guardian, and we would suggest that you consider the following simple checklist:

1. Determine what was accessed and taken – task your IT experts and support people with immediately evaluating what data could have been stolen from the business, and the vulnerability exploited by the criminals to get into your network.
2. Change all passwords – and router configurations. Make sure that no login credentials anywhere remain the same as they were prior to the attack.
3. Be honest and direct with customers and press – once you have an idea of what’s happened and the people the breach has impacted, let the press know if necessary and start to contact anyone whose data may be part of the breach.
4. Contact any banks or financial institutions – as most breaches have a financial nature, it is also best to contact all the banks and credit issuing authorities connected with your data. This way they can stop or cancel transactions that appear fraudulent.

How can I avoid a data breach?

There are a variety of ways to help avoid a data breach, including introducing strict data security policies, regular penetration testing, multi-factor authentication for logging in and updating software regularly.

One of the most efficient ways of preventing data breaches is the ISO 27001 certification. This data-handling management system allows businesses to build a strong protective policy in all areas – from paper document disposal through to IT passwords and architecture.

Thanks to its consistently evolving framework, it allows organisations to effortlessly take on new ideas and implement them at speed. As an example – when patches come out to remove weaknesses in software and operating systems, ISO 27001 gives support teams the procedural basis to get updates rapidly installed.

Organisation’s who submit tenders to local or central government in the UK also need to prove they meet the Minimum Cyber Security Standard. ISO 27001 not only demonstrates that you meet this standard, but that your organisation goes even further when it comes to data security, helping you to stand out from the competition and win more business.

Protect yourself from a breach

To keep your organisation safe from the unpleasant consequences of a data breach, take a look at our Cyber Security eLearning course. During this 45 minute course expect to introduced to topics such as:

• Password management
• Staying safe at work and at home
• Tips and techniques on safeguarding information

It’s designed to be an efficient and effective course that helps the users understand the basics of cyber security. Take the course to protect your organisation today.