September 7

Common Data Breach Types and How To Prevent Them

Once more unto the breach, dear friends! Relax – this isn’t a pop quiz on Shakespeare – it’s time to talk about data breach types. In this blog, we’ll give you a bucketful of shiny preventative measures to protect your business and help you regain control from cybercriminal attempts. 

But First, Incident vs. Data Breach: What’s the Difference?

You may not have had the pleasure of a data breach (yet), but you can bet your cherry muffins you’ve been involved in an incident. Here are our definitions:

An incident is a security event that has the potential to compromise some part of your IT ecosystem, e.g., your network, configurations, software, and data. A security event could be something like a phishing email, a stolen device, or a virus infection. An incident may be a near miss, or it may lead to an actual data breach.

A data breach is the result of an incident that has actually compromised your data or systems. For instance, a file has been accessed and sensitive information stolen or disclosed. Or one of your employees has downloaded ransomware, and now your whole company is locked out of its systems. 

To prevent data breaches, we stop the incidents. And to stop the incidents, we do two things:

  1. Block the attack vectors. Attack vectors are the paths cybercriminals take to access your stuff, e.g., by sending a phishing email.
  2. Reduce human error. It’s definitely an error to be a cybercriminal, but we’re talking about the mistakes, poor behavior, or inaction by our own people that can lead to a breach, like clicking on a phishing email.

So, What Are The Common Types of Data Breaches?

Here are a few of our unfavorite types of data breaches. Note that some data breaches are bundled up together in a 2-for-1 offer, like ransomware that’s part of a phishing attack.

Common Types of Data Breach

Data Breach Type: What it is

  • Phishing Attack: An email (but can be a text or call) that tricks the respondent into behaviors like innocently downloading malware or giving up credentials, allowing access to sensitive data.
  • SQL Injection: Harmful code embedded into a website or app in order to infiltrate and access data.
  • Malware, e.g., viruses, trojans, ransomware, worms: Malicious software designed to cause harm to a server or computer by stealing data or revoking authorized access.
  • Stolen Credentials: An unauthorized person gets their hands on user credentials, giving them the power to access data or systems. This can happen through things like phishing attacks and password cracking.

We’re big fans of locking stable doors before anything has bolted (it’s a metaphor, people), so here’s how to prevent those data breaches from happening. Remember, we’re looking at closing down attack vectors and reducing human error. Some preventative measures can defend against a job lot of data breach potentials. 

Let’s get into it.

Defenses Against Phishing Attacks 

Here’s how these defenses work:

Top Phishing Defenses

SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) prevent phishing attacks by verifying that the sender is authorized to send emails on behalf of the domain it’s coming from.

Third-party filters automatically quarantine a dodgy-looking email. You’ll see a message saying, “This looks dodgy. Are you sure you want to open it?”

Should your people click on that pesky phishing email, DNS filtering blocks their access to malicious sites. 

Frighteningly clever AI-based anti-malware does a whole heap of things to reduce the risk of data breach from phishing: using natural language algorithms to detect weirdness in an email; checking the reputation and authenticity of the sender URL; recognizing rip-off in-email images; and comparing the email you just got with known threats. We’re lucky that AI-based anti-malware is our friend.

Phishing simulations help reduce human error by training people to recognize phishing attempts and deal with them properly. 

Defenses Against SQL Injections

Here’s where you tighten up your security protocols around how users interact with your website, e.g., through using the search function or sign-up form. An SQL injection attack will identify a vulnerable field and then inject into it malicious code that’s intended to muck about with data sets in your database. Ouch.

A few ways to reduce this risk are to:

  • Make sure your software is patched and updated.
  • Use a web application firewall that’s designed to identify SQL injection attempts.
  • Keep your coding practices healthy by making sure code and data are kept separate.
  • Use the principle of least privilege on your database user accounts.
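Here is what keeping code and data separate looks like for a search field, as an added example that is not part of the original post. It puts a query built by string concatenation beside a parameterized one, using Python's built-in sqlite3 module; the table, function names and inputs are constructed for the demonstration.

```python
import sqlite3

# Constructed hostile search term: the quote closes the string literal early.
HOSTILE = "x' OR '1'='1"


def make_db():
    """Build a constructed in-memory customer table for the demonstration."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany(
        "INSERT INTO customers (name) VALUES (?)",
        [("Alice",), ("Bob",), ("O'Brien",)],
    )
    return db


def search_vulnerable(db, term):
    # Weak: the search term is pasted into the SQL text, so any quote in the
    # input changes the structure of the statement the database parses.
    sql = f"SELECT name FROM customers WHERE name = '{term}' ORDER BY id"
    return [row[0] for row in db.execute(sql)]


def search_safe(db, term):
    # Hardened: the SQL text is a fixed constant. The term is passed
    # separately as a bound parameter and is only ever compared as a value.
    sql = "SELECT name FROM customers WHERE name = ? ORDER BY id"
    return [row[0] for row in db.execute(sql, (term,))]


if __name__ == "__main__":
    db = make_db()
    # Concatenated query: the input rewrites the WHERE clause, every row leaks.
    print("vulnerable:", search_vulnerable(db, HOSTILE))
    # Parameterized query: the same input is just a name nobody has.
    print("safe:      ", search_safe(db, HOSTILE))
    # A legitimate name with an apostrophe also breaks the concatenated query.
    try:
        search_vulnerable(db, "O'Brien")
    except sqlite3.OperationalError as exc:
        print("vulnerable query failed on O'Brien:", exc)
    print("safe:      ", search_safe(db, "O'Brien"))
```

Errors on ordinary input that contains a quote, like the O'Brien case here, are a useful review signal that a query is being assembled from strings.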

Defenses Against Malware Attacks

Where do you even start? There’s a smörgåsbord of anti-malware practices to chow down on. Try these:

  • Use antivirus software
  • Encrypt everything
  • Again with the DNS filtering, phishing simulation, and firewalls
  • Keep OS and software updated
  • Monitor, monitor, monitor

Defenses Against Stolen Credentials

Here’s where multi-factor authentication (MFA) and cloud single sign-on are your two best friends. These are strong identity management practices that will boot out data breach attempts before they can even get started. MFA forces your people to prove that they’re who they say they are, using two or more identification protocols, e.g., what they know (a code) and what they have (a phone, a finger).

Cloud single sign-on gives your people access to all their stuff using just a single password, which reduces the risk of password fatigue and password attacks. Don’t panic, though, because that cloud front door is super-fortified.

There Are Tons More Ways To Not Get Breached

A lot of them are common sense. A lot of them are good practices. Some of them are a bit techy, and you need a Ph.D. in Geek to get them sorted. But every little bit helps. If you’d like a conversation titled, “How Can My Business Reduce The Risk of Data Breach By Friday?” then give us a call because we’ve got the answers for you, and we can talk in human, if that’s your preferred language.

Ignition is Silicon Valley’s best (and friendliest) IT security, compliance, and support team. Contact us now – chatting about IT support and cybersecurity is our favorite thing to do!
