A data breach occurs when confidential data is viewed, stolen, or used by unauthorized individuals. This data commonly includes payment information, Social Security numbers, or intellectual property. While data breaches are not new threats, there is no doubt that they have increased in both frequency and size within the last decade. By understanding the history of data breaches, you can become more prepared to protect your personal information in the future.

The start and rise of data breaches
The Privacy Rights Clearinghouse begins its record of data breaches in the year 2005. Before this time, businesses and government stored mostly paper records rather than digital ones, which meant that any data breaches had to be orchestrated by hand.  2005 was also the year we saw the first data breach that compromised over 1 million records (at Designer Shoe Warehouse).

How data breaches occur
Most of the largest data breaches occurred as a result of being hacked by attackers using ransomware, malware or phishing. However, breaches can also be the result of an inside job, accidental publication, social engineering, or lost or stolen devices.

The future of data breaches
As more businesses and agencies continue to place more data on servers or the cloud, hackers become even more sophisticated. Small and mid-sized businesses with fewer security resources are particularly vulnerable. You can help keep your organization protected by keeping essential security software, such as ransomware protection, up-to-date.

According to the Identity Theft Research Center, 2017 saw a record-high in data breaches. The statistics show that organizations are bound to experience a security incident sooner or later; what is important is that you are adequately prepared. Here are three essential steps to building an incident response plan.

Create a plan
A good incident response plan (IRP) should begin to develop months in advance. Analyze your organization’s IT environment and determine which systems, services, and applications are the most critical to maintaining operations. Then, identify what crucial data must be protected in the event of an incident. By developing a plan of action in advance, you will find any gaps in policy, technical capability, or communication that may require immediate attention.

Practice
In the case of a breach, it is essential to act quickly and swiftly. If an incident should occur, you don’t want to appear flustered or disorganized to your customers. With simulation exercises, you can put your plan in action to ensure it your cyber security solutions would be effective in a real situation.

Document and communicate responsibly
Accurate documentation and clear communication of your response activities will be necessary for legal purposes (and as a courtesy to your customers). When going public with the details of the breach, it is essential that you are prompt and clear about how the issue was caused, the actions you took to respond, and what will be done to prevent the situation from recurring.

There are many different types of malware, and some of the most common include viruses, Trojans, and worms. While the terms are often used interchangeably, each of these types of malware has significant differences.

Viruses
A computer virus is a malicious program that can cause damage by creating, moving or erasing files. Opening an infected email attachment is the most common way for your machine to catch a computer virus.

Trojans
Named after the mythological Trojan Horse, a Trojan is a malicious program which misleads users of its true intent. It is typically hidden in an email attachment or download that appears to be authentic. When the user clicks the attachment or downloads the program, the malware hidden inside is transferred to the user’s device. Once inside, a Trojan can cause damage by deleting files, stealing data, and more.

Worms
A computer worm is a program that can replicate itself and spread to other computers. While it cannot alter any files on a machine, it can cause harm consuming all of the endpoint’s available memory or disk space as it multiplies. In this case, endpoint protection software is essential as it can locate and destroy worms before they have a chance to replicate or spread to other machines.

Social engineering is the act of manipulating someone into releasing sensitive information or providing them access to your network. For example, a social engineer could pose as an IT specialist and try to trick an employee into divulging their login credentials. The following are some of the most common social engineering tactics.

Pretexting
Pretexting is the use of a ploy to capture a victim’s attention. Once the story catches the person’s interest, the scammer tries to trick the victim into providing sensitive information. For example, you may receive an email naming you as the beneficiary of a will, which requests your personal information to prove your identity so you can receive your inheritance.

Baiting
Baiting means presenting something to a victim so they take an action (not unlike how a fish would react to a worm on a hook). For example, a cyber criminal may label a flash drive loaded with malware something like “Confidential” or “Q1 Layoff Plan” and leave it in plain view for someone to find. Someone who takes the bait would investigate the flash drive by plugging it into their computer.

Scareware
In the case of “scareware,” a victim becomes bombarded with false alarms and fake threats. The victim is deceived to believe their system is infected with malware, and that they must install a program – which is actually malware itself – to remove it. Never download ransomware protection that is not from a trusted source.