Even with every safeguard in place, it’s simply impossible to avoid all cybersecurity breaches. That being said, there are things you can do to lower the chance of a catastrophic one happening in your organization. By looking at a few recent attack vectors and what can be done to mitigate the risks these companies weren’t prepared for, you can help make sure your organization is prepared for a possible cybersecurity breach.
In one of the most highly publicized breaches of the year, attackers were able to breach the Democratic National Convention. It appears that the breach was targeting information regarding opposition research on Donald Trump, and it has been confirmed that the bad actors were able to view internal communications—including all emails—from the DNC. WikiLeaks exposed all of the archive material from this breach online, and the fallout resulted in the resignation of several high-level officials, including the chairwoman of the DNC.
In addition to this breach, two less-publicized breaches took place right around the same time:
Whether or not these three attacks are related has not been confirmed. Many have speculated that the hacks can be attributed to Russia as part of a broad attack against the Democratic party. However, a hacker who goes by the handle Guccifer 2.0 claimed responsibility for the DNC breach and has denied any Russian connection. Neither of these stories has been confirmed by the DNC or authorities at this time.
There are a few critical takeaways to draw from this trio of breaches:
On July 26, 2016, Brian Krebs wrote about the breach of the Kimpton Hotels chain. This was a point-of-sale (POS) malware breach that captured customer payment card information. As of now, we don’t know how many customers were affected. This is similar to attack vectors we’ve seen in other hotel breaches in the past year—both Hyatt and Hilton were breached in 2015.
There are several takeaways to draw from this POS breach:
In early August 2016, the Russian government released information that 20 state agencies—as well as Russian defense contractors that handle sensitive military information—were found to be compromised in some kind of malware-based cyber intrusion. As of right now, we do not have a list of every agency that was compromised, nor any additional information.
Employee vigilance is critical for all organizations to keep in mind. Employees should be trained not to click on email attachments and to keep an eye out for suspicious email communications—as phishing emails of this kind may have led to the DNC and Russian compromises. Additionally, it’s important to monitor your network outside of your immediate physical environment and be mindful that hackers are always looking for their best angle of attack.