Lessons learned from the biggest cyberattacks in 2019

Lessons learned from the biggest cyberattacks in 2019

Cybercrime has run rampant across the country, costing the economy $2 trillion in 2019 alone. Damages are projected to triple to a total of $6 trillion in damages by 2021, with small businesses being the largest targets.

Florida has ranked as one of the top state victims of cybercrime, second only to California with an accumulative $110.6 million in losses.

Below, we dive into the largest cybercrime scandals of the year, with tips on leveling up your security for 2020.

First American

The First American incident took place in May with a total leak of 885 million records, cementing its place as the nation’s second-biggest data breach in history.

Through a lack of a solid security system, real estate developer Ben Shoval discovered that he could access the company’s sensitive data by merely changing a single digit in their URL. After First American ignored his concerns, the incident was then reported to a security journalist named Brian Krebs.

The loophole exposed records dating back to 2003, with customer’s social security numbers, bank account numbers, mortgage and tax documents, and driver’s license information left vulnerable to the public. The company immediately locked down information following this public release, and while it wasn’t confirmed if anyone had actually found and stolen the data, their lack of cybersecurity was a wide invitation for financial scams and identity theft.

Download our free eBook!

Unsure about securing your organization's data? Read through our free eBook, 3 Essential types of cyber security solutions your business must have and gain a more detailed understanding of what it takes to protect your business from every angle.

Download now!

American Medical Collection Agency

In March, a healthcare debt collector known as the American Medical Collection Agency (AMCA) discovered that their systems were breached, with hackers accessing private data since August 2018.

The incident affected millions of customers, exposing their first and last names, phone numbers, addresses, healthcare providers, and other sensitive information. Thankfully, the data did not include social security or insurance ID numbers.

The contracted companies affected included LapCorp and Quest Diagnostics, each suffering an affected 7.7 million and 12 million patients, respectively. It’s possible, however, that others were caught in the crossfire given the AMCA’s wide database of contractors.

Facebook

Facebook’s security incident in April was yet another case of negligent cybersecurity.

About 540 million users had their private records exposed to the public; a leak caused by two third-party app developers who accidentally published the data on Amazon’s cloud computing platform.

Fortunately, no hackers were involved. The data leak, however, included users’ private emails, unique Facebook IDs, and phone numbers all open for the taking. This information could have easily been used to perform spam calls or SIM card-swaps, a tactic used to trick cell phone service providers into transferring one’s phone number to a hacker.

US Customs and Border Protection

Finally, the US Customs and Border Protection (CBP) data breach taught businesses that security systems require regular checks, maintenance, and updates to ensure the total safety of sensitive data.

In May, hackers stole the information of about 100,000 travelers, including photos and license plates. Perceptics, a long-time contractor of the CBP, had also lost information on their surveillance hardware and details on its implementation.

Hackers sold Perceptics’ information on the dark web, and the contractor was later suspended by the CBP without further details.

Lessons learned from these attacks

Regardless of size, any business is at risk of cybercrime without the proper security systems in place. Here are few practices to keep in mind for keeping your company data safe:

  • Continuous risk assessment is mandatory – Proper cybersecurity isn’t a one-and-done effort. New methods, tactics, and technologies are constantly emerging and exploited by hackers. It’s important to run regular penetration tests, along with identifying new threats, vulnerabilities, and potential consequences.
  • Educate all employees on best security practices – Ensure they’re aware of common attacks such as phishing scams, malware, or man-in-the-middle tactics (in which an attacker relays messages between two parties who believe they are interacting with one another). They must also adopt the habit of performing constant backups, installing (and updating) anti-malware software, and changing their passwords on the regular.
  • Apply multilevel security – Multifactor identification is a must for any business, offering you and your employees that extra level of protection. This method involves presenting two or more pieces of evidence to authenticate your access, making criminal entry a far more challenging process.

With the sophistication of today’s cybercrime landscape, you can never be too careful. Netcom Solutions offers Floridian companies with high-grade security solutions that include thorough risk assessments, network analysis, and threat remediation. Our experts also offer rapid help desk support with recommendations on upgrading security protocols. Keep your data safe for the new decade, and enquire with us today.

Like This Article?

Sign up below and once a month we'll send you a roundup of our most popular posts




Learn How To Optimize Your Office Productivity Tools With Our Latest eBookCLICK HERE!
+