What is a Data Breach?
A data breach occurs when personal or confidential information is stolen, exposed to unauthorized people or shared without permission. A company might suffer reputational damage, financial loss or legal sanctions for such a breach. Usually, it takes days or even weeks for an organization to contain the impact of a data breach and identify vulnerabilities in its systems. During this time, business operations are disrupted and revenue is affected.
Attackers hunt for vulnerabilities to steal or expose confidential and personal information about businesses, governments and individuals. They may use malware to infiltrate computer systems and harvest data, or they may search for passwords, sensitive files and logged keystrokes using techniques such as brute-force attacks. Social engineering is also a popular tactic. Attackers stalk victims on social media sites and other platforms to learn more about them, and then use that knowledge to craft phishing campaigns or attempt to trick the target into downloading malware.
Some breaches are unintentional and are often known as “accidental information disclosure” or “data leaks”. Examples include setting a private file to public, misconfiguring cloud storage buckets, forgetting to password-protect databases, or losing devices (computers, smartphones, USB drives). Cybersecurity researchers often come across accidental information disclosures and alert organizations through a process called responsible disclosure. Unfortunately, criminals take full advantage of these data spills and sell the data they’ve obtained or use it to launch distributed denial-of-service attacks.
Other types of breaches involve attacks by foreign government agencies or organized crime groups. For example, the hackers behind the 2014 Sony hacking incident, which was attributed to North Korea, were later identified by security experts and US authorities as the Guardians of Peace, a government-backed group.