In May this year, GoDaddy discovered it had suffered a data breach affecting 28,000 accounts - yet the breach itself had happened much earlier, in October 2019.
The world’s largest domain registry service had been hacked; and for half a year, they hadn’t noticed. How does this happen?
Legally, data theft is comparable to burglary; it’s the wholesale theft of another entity’s property, without their knowledge or permission. Physically, however, it couldn’t be more different; the chief information officer doesn’t enter the office to find the doors ajar, the server rooms ransacked and gaps on the shelves where data used to be. It’s a far more covert practice.
It might go some way to explain GoDaddy’s unawareness of their own theft; unlike a Ransomware attack, there were no demands by the data thieves and no obvious virus left on the systems. It took a more intricate investigation, right down to the server level, to identify the breach.
It begs the question; without regularly managing and monitoring their networks, how would business owners identify a breach in good time?
The noticeable effects of a data breach are typically quite gradual; devices, software and connections become increasingly slow to respond, for example, while any unsecured files may well have been tampered with, causing incongruities later down the line. Yet the opportunistic nature of hackers means they’ll often target neglected networks, going for data that is rarely accessed manually or monitored regularly. In many instances, breach awareness happens long after the damage is done. According to research from IBM, it takes an average of 197 days to identify a data breach – and a further 69 to contain it.
It might be that victims, such as a business’s customers, are disproportionately targeted by phishing campaigns following a mass compromise of their data, with the threat slowly revealing itself as more victims come forward. Business owners might also see mounting discrepancies among their files and networks, with important data failing to correlate or missing altogether. However the breach emerges, it’s often a gradual process, which occurs long after the attack has been successful.
Yet it isn’t just mitigating the damage that business owners need concern themselves with – there’s also the regulatory concerns. Enterprises have a duty to protect their clients as per the General Data Protection Regulations; should a breach be identified, not only does it need reporting to the Information Commissioner’s Office immediately, your response needs to be quick, efficient and documented.
With so much of our work taking place online – not least with the sudden influx of remote workers – we’re exposing much more of our data to outside threats than ever. Our security requires solutions designed from the ground up to meet regulatory requirements and keep our enterprises protected.
At Mirus, we offer front-to-back protection for businesses – starting with a full cyber security assessment and continuing with regular, daily monitoring of your systems.
Our monthly service provides continuous scanning of your network, identifying vulnerable ports and providing ongoing protection as needed. And if you’re concerned that your data may have been compromised in the past, our Dark Web scanning service trawls the corners of the dark web to identify your compromised material.
Security is fast becoming your company's key concern, not only for the protection of your clients and staff but for the continuity of our ever-evolving workplace. While it may not be possible to have all eyes on security, all the time, a smart and strategic solution could well provide you the next best thing.
Protect Your Business and Users From the Threats of Phishing and Brute Force Attacks
Ask us about MyKi, the business-standard password management software, now available from Mirus.