January 14, 2016
The cyber crimes that make the headlines are usually the ones carried out by shadowy hackers on the other side of the world.
But security episodes can happen anywhere – and they do. Here’s a look at where they are often least expected.
Restaurant: Any organization (not just retailers) that uses credit or debit cards is at risk. A restaurant data breach is common. So are breaches at hotels, courier companies, ice cream shops, etc. Business is the largest sector affected by incidents accounting for 39.9% of breaches in 2015, according to CSID, an ID protection services firm.
Game App: Who hasn’t downloaded a free game during a work break? But apps often contain malware, and an organization’s corporate data can be accessible via mobile devices. A report from IDG Research showed that 74% of global enterprises have experienced this kind of mobile security issue.
Online Gift Card: According to CSID, the rise of mobile payments (by credit cards, gift cards, etc.) has made mobile devices a more attractive target for cyber criminals.
‘Mal-vertising’: There are lots of seemingly harmless ads on the Internet. But ‘malvertising’ will infect users’ devices if opened. Similarly, drive-by-downloads require users to visit a website and their device is infected when they do.
Refrigerator: The Internet of Things means connected consumer products such as refrigerators, thermostats, and fitness monitors collect and exchange data. This increases the risk of a breach because they also link to sensitive information.
Hospital: CSID reported that the medical/healthcare industry accounted for 78.3% of all records exposed in 2015. One example of this type of breach: portable hard drives containing patient information were stolen from a heart hospital in the U.S. The theft occurred over a weekend in a procedure area normally restricted to staff and patients.
Third Party: Breaches by third-parties are also increasingly common. In one data breach, a Japan-based education/publishing company contracted an engineer who leaked the personal information from 7.6 million customer contracts.
Email: It’s not just account numbers and financial data that cyber criminals want today, says Identity Theft Resources Center. For example, cyber thieves stole names and email addresses of subscribers from a financial news organization, and then targeted the victims with solicitation requests, spam, and phishing emails. In fact, most cyber espionage starts with simple emails attachments (39.9%) and links (37.4%). The Verizon Data Breach Report 2015 showed that 23% of recipients open phishing messages in their emails, and 11% click on attachments.
How can a company protect itself?
In today's quick paces and ever changing world, it’s imperative to protect your organization and yourself from information thieves.