Data harvesting opens the door to more Ransomware attacks

Guy Bunker, SVP Products & Marketing

We all know about the much-publicised 2014 Yahoo hack that saw 500 million accounts compromised, wiping $350 million off the value of the company. In fact, it wasn’t a good year for anyone with a vested interest in keeping their social security number, address, email or first pet’s name out of the clutches of the dark side.

If you add up the number of data breaches in 2014 alone, you’ll see that over 850 million individual records were stolen. And that’s just the ones we know about. In 2016, that number rose to more than 3 billion, with the update to the Yahoo! breach taking it to a billion records on its own. While the impact of a laptop theft is simple to understand, the more complex attacks with advanced persistent threats can take weeks, months or even years to come to light and be fully understood.

Now consider that Ransomware attacks usually originate in personal data that was stolen at least two years beforehand. It’s no coincidence that in our post-WannaCry Survey, 3 out of 4 businesses in the UK say they fear another attack in the next three months.

Balance that with the fact that many ransomware attacks on corporate organizations are from employees opening personal email on the office network – maybe a CV or job description – and you will soon realize how exposed you can be if you are responsible for managing security at your organization. Especially as there is some seriously sophisticated manipulation happening with the data once it is stolen.

It’s not just marketing departments that have been segmenting ‘big data’ and building personas to maximise engagement. Cyber criminals, once they have bought the stolen data, will build an accurate profile and strategy for the attack to make the malicious seem ordinary or innocent.

It’s a double whammy too. If you do get hacked and don’t have an integrated cyber security strategy, you face the wrath of your Information Commissioner’s Office - soon to be armed with a 20M Euro fine, or 4% of your hard-earnt global turnover, under the new General Data Protection Regulation (GDPR).

In the long term, GDPR can only help consumers and individuals alike, and bring consistency to how we all manage data, but it’s the here and now that needs addressing.

Clearswift’s new initiative, SECURITY +, augments your existing infrastructure, without the need to rip and replace your current security gateways or AV and malware vendors. SECURITY + complements your on-premise or cloud security architecture with advanced layers of protection to tackle today’s next-generation sophisticated threats, but without disrupting the flow of business. This could be by removing, or redacting, the source of an attack from documents and attachments shared into or out of the organization, via a corporate email, personal email such as Gmail or through collaboration sites such as Microsoft OneDrive and Dropbox.

Clearswift technology delves deep into email, documents and ‘zipped up’ attachments (50 levels is the default), searching through many different file types for critical information such as Payment Card Information (PCI), Personally Identifiable Information (PII) or embedded malware in the guise of active code. All of this can be automatically and consistently removed while leaving the communication to continue. The beauty of Clearswift technology is that it inspects both inbound and outbound traffic, so you can prevent inbound threats and outbound data loss risks simultaneously.
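As an added illustration of the recursive inspection described above (not Clearswift's code and not part of the original article), this sketch walks nested zip attachments down to a depth limit, masks Luhn-valid card numbers and rebuilds the archive so the message can still be delivered. The function names, the per-member size cap and the sample data are assumptions made for the example.

```python
import io
import re
import zipfile

MAX_DEPTH = 50               # nesting default quoted in the article
MAX_MEMBER_BYTES = 20 << 20  # assumed per-member cap, guards against zip bombs
PAN_RE = re.compile(rb"\b(?:\d[ -]?){12,18}\d\b")  # 13-19 digits, optional separators

def luhn_ok(digits):
    doubled = [int(c) * (2 if i % 2 else 1) for i, c in enumerate(reversed(digits))]
    return sum(d - 9 if d > 9 else d for d in doubled) % 10 == 0

def redact(data, path, findings):
    def mask(m):
        raw = m.group()
        if not luhn_ok(re.sub(rb"\D", b"", raw).decode()):
            return raw  # digit run fails the checksum (order id, phone): leave it
        findings.append(path)
        return b"*" * (len(raw) - 4) + raw[-4:]  # keep only the last four digits
    return PAN_RE.sub(mask, data)

def sanitize(data, path="message", depth=0, findings=None, max_depth=MAX_DEPTH):
    """Return (clean_bytes, findings); nested zips are opened and rebuilt redacted."""
    findings = [] if findings is None else findings
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return redact(data, path, findings), findings
    if depth >= max_depth:  # fail closed rather than pass uninspected content
        raise ValueError(f"{path}: nested deeper than {max_depth} levels")
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(data)) as src, \
         zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for info in src.infolist():
            if info.file_size > MAX_MEMBER_BYTES:
                raise ValueError(f"{path}/{info.filename}: member too large to inspect")
            clean, _ = sanitize(src.read(info), f"{path}/{info.filename}",
                                depth + 1, findings, max_depth)
            dst.writestr(info.filename, clean)
    return out.getvalue(), findings

def make_zip(files):  # {name: bytes} -> zip bytes, used for the constructed sample
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, body in files.items():
            z.writestr(name, body)
    return buf.getvalue()

# Constructed sample: a zip inside a zip; 4111... is a well-known test card number.
SAMPLE = make_zip({"note.txt": b"order 1234 5678 9012 3456",
                   "inner.zip": make_zip({"invoice.txt": b"card 4111 1111 1111 1111 exp 01/30"})})
```

Calling `sanitize(SAMPLE)` returns the rebuilt archive and the paths where card data was masked; content that exceeds the depth or size limit raises an error so it can be held for review instead of being delivered uninspected.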

Three questions to ask yourself:

1) Have you had a ransomware attack where the infection came through opening an innocuous looking document?

2) Have you ever received (or sent) critical information, such as PCI data to the wrong person – either inside or outside your organization?

3) Have you ever received a strange email which purports to be from a friend, with an odd URL link – but it turns out their account had been hacked?

Clearswift SECURITY + can be deployed across your organisation in hours with minimal disruption, keeping business productivity high and your boundaries safe. And you don’t need to throw out what you already have!
