It’s an unavoidable truth that technology evolves faster than the security protocols needed to protect data. Compared to 2017, 2018 saw a fourfold increase in data breaches, with nearly half of all compromised identity records stemming from the U.S. and China.
The cyber security report, compiled by Steadfast Solutions, also revealed a nearly 80 percent decrease in the average breach size. Hackers are shifting their attention from large corporations to smaller businesses and city governments. Criminals choose their targets based on the perceived ease of breaching security and the value of the targeted data. Stolen records may include addresses, social security numbers, medical information, financial records, login credentials, communication logs, and other confidential documents.
An Alarming Trend in the U.S
While the total number of data breach incidents in the U.S. fell short of other countries, the average scale of the breaches placed the U.S. high on the victim list. Breaches of city government databases, in particular, were prolific. Hackers used such methods as phishing and ransomware to seize sensitive data, encrypting it and demanding exorbitant payments to release the passwords. In 2018, the U.S. accounted for nearly one-third of identity records compromised across the world.
In addition to large-scale ransomware attacks, underground hacking also increased by 71 percent. Criminals exchange billions of stolen usernames, passwords, email addresses, and other records on the black market, placing the rightful owners at risk of financial loss and identity theft.
Data Breaches Are the New Norm
The rise in government-related breaches may stem from the sector’s three-fold growth from 2017 to 2018. Criminals began to pilfer voter databases for sellable data, capitalizing on the chaotic political atmosphere and rising unrest.
Many of the breaches stemmed from unsecured or poorly secured devices connected to a network. Mobile phones, portable hard drives, tablets, and other devices are often overexposed and under-protected, making them easy targets even for criminals with little to no hacking experience.
A Need for Increased Security
Without a large-scale effort by governments, businesses, and individuals to implement cybersecurity practices, data breaches will only continue to rise. Spreading awareness is the first step to making a change. An effective cybersecurity plan includes actions such as:
- Recognizing suspicious emails and phishing attempts.
- Choosing strong passwords consisting of upper and lower case letters, numbers, and symbols.
- Using a virtual private network (VPN) when accessing work documents remotely.
- Avoiding connecting to unsecured or unfamiliar networks.
- Enabling multi-factor authentication.
- Being wary of third-party apps and software.
- Keeping software up to date.
- Backing up data regularly to the cloud or a secured device.
- Choosing a reputable managed services provider.
- Having cyber insurance.
While no cybersecurity plan is foolproof, implementing multiple strategies will greatly reduce your risk of becoming a target.
Photos courtesy of gettyimages.com