Have we learnt anything from the 2015 data breach at Anthem, one of the USA’s health sector giants?
The company had millions of data records saved in its database. Unauthorized access was gained to one of the company’s systems, and suspicious database queries were run that exposed crucial user information. How did Anthem fail at its data security?
Many organizations have been victims of cyber crimes, so it’s vital for everyone to know about them in order to safeguard their own data and learn from other people’s mistakes. Here are just some examples:
Social Engineering
This is a kind of attack in which the hacker’s goal is to gain the end user’s trust. For example, the company Ubiquiti Networks was socially engineered through email impersonation. Forbes reported that wire transfer requests for a huge amount were made through a fake email ID of the company’s founder, Pera.
Whenever you receive an email, pause and look at the sender’s email ID. Can you spot the difference here: abc@yourbank.com and abc@yourbank.xyz.com
If yes, then you are safe.
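The same comparison can be automated. The following is an added example, not part of the original article: it classifies a From header by its real domain, treating `yourbank.com` (taken from the addresses above) as the expected domain. The function names and the allow-list are assumptions made for illustration.

```python
from email.utils import parseaddr

# Constructed allow-list (assumption): the domain you actually expect mail from.
TRUSTED_DOMAINS = {"yourbank.com"}


def sender_domain(from_header: str) -> str:
    """Return the lower-cased domain of the address in a From header, or ''."""
    _display_name, addr = parseaddr(from_header)
    local, at, domain = addr.rpartition("@")
    if not at or not local or not domain:
        return ""
    return domain.lower().rstrip(".")


def classify_sender(from_header: str, trusted=TRUSTED_DOMAINS) -> str:
    """Return 'trusted', 'lookalike', 'unknown' or 'invalid'."""
    domain = sender_domain(from_header)
    if not domain:
        return "invalid"
    # Trusted only if the domain IS the expected one or a subdomain of it.
    # DNS names are owned from right to left, so yourbank.xyz.com belongs
    # to whoever controls xyz.com, not to yourbank.com.
    for good in trusted:
        if domain == good or domain.endswith("." + good):
            return "trusted"
    # The brand label appears somewhere, but the domain is someone else's.
    labels = domain.split(".")
    for good in trusted:
        brand = good.split(".")[0]
        if any(brand in label for label in labels):
            return "lookalike"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample headers.
    for header in ("abc@yourbank.com",
                   "abc@yourbank.xyz.com",
                   "Your Bank <abc@yourbank.xyz.com>",
                   "alerts@mail.yourbank.com"):
        print(f"{header!r:40} -> {classify_sender(header)}")
```

The display name ("Your Bank") plays no part in the decision; only the domain after the last `@` of the actual address does.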
Password Phishing attack
A password phishing attack is a hacker’s attempt to steal the username and password of a victim’s account.
Did you know that this year Gmail also fell victim to cybercrime? As mentioned in Forbes, a new attack was noticed in which a user receives an email with an attachment that redirects to a URL with a password field. Here is the trap: as soon as the user enters their Gmail password, the hacker is able to access the account.
It’s really important to secure your accounts by always enabling 2-step verification.
Unpatched Software
Systems that are not updated regularly are more likely to be attacked. Recently, quite a few well-known organizations have faced malware attempts and data loss.
According to news posted by Naked Security, many MongoDB databases were hijacked and overwritten with malicious data just because users kept the default port, which is publicly accessible. This is the reason to always change the default authentication settings.
To protect your systems from such attacks, turn on automatic updates. You should always keep your browsers, Windows and any other system applications up to date.
Social Media
Facebook, Twitter and LinkedIn are the most commonly used social networks. Be aware! Attackers might reach you by sending a friend request. But that’s only one way; see how they fooled people this September on Facebook and Twitter.
A report on Gizmodo says that a ransomware named “Locky”, which started out spreading through email, now also appears in image format on social media. When you click the image, a file is downloaded that locks all of your system files, and the hacker asks for a payment to return them.
All of the incidents mentioned above are lessons for every individual: keep your systems properly updated, run anti-virus software, always check file extensions, verify email IDs, be wary of unknown people on social media, and delete older versions of applications and those you no longer use. Remember, data security is a joint effort; tools can only help so much.