Top companies pay $25 per minute in damages caused by cybersecurity breaches. By the time you read this article, a security breach victim would have coughed up almost $125. They say time is precious, and they couldn’t be more right!

The frequency and sophistication of security breaches are rapidly increasing, affecting millions of businesses worldwide, including your clients. These security breaches damage client reputation and revenue, which, in turn, affects your MSP.

Let’s get into the nitty-gritty of security breaches and how you can mitigate threats to clients.

What Is a Security Breach?

A security breach, aka a security violation, is any incident that leads to unauthorized access to an organization’s protected assets, namely its data, applications, services, networks and devices.   

It’s important to remember that a security breach is not the same as a data breach. A security breach represents an attempt by an attacker to access or harm your client systems while a data breach occurs when a cybercriminal gets away with client information.  

Security breaches that are followed by data breaches come with legal fines and penalties. Here’s how much your clients will have to pay if they lose their data due to a security breach. 

 

| Compliance Legislation | Penalties |
| --- | --- |
| HIPAA | Fines up to $250k and 10 years of imprisonment. |
| GDPR | 20 million euros or 4% of the total global turnover of the previous fiscal year, whichever is higher. |
| CCPA | Civil penalties of up to $7,500 for each violation and the maximum fine for other violations is $2,500 per violation. |

 

The Common Causes of Security Breaches

Here are three ways your clients can fall victim to a security breach:

1. Criminal hacking

The criminal hacking technique involves stolen credentials and is very popular because one doesn’t have to be a coding mastermind. Just about anyone sitting in their bedroom can purchase credentials on the dark web. These credentials enable unauthorized access to the client’s infrastructure, leaving a fertile ground for cyberattacks like phishing scams and account takeover (ATO) attacks. 

2. Human error

Client data is everywhere. When employees work with a massive amount of data every day, they’re likely to make mistakes that lead to breaches. These mistakes range from accidental deletions to not backing up critical data and sending emails over unsecured networks (public Wi-Fi). Human error will contribute heavily to breaches in the future due to the unprecedented rise of rookie remote employees who may not be well-versed in cybersecurity best practices.

3. Social engineering

Bad actors contact clients under a false pretense in order to gain access to their network. One of the more efficient ways of deploying social engineering attacks is through phishing emails. On the surface, these emails seem credible since they appear to come from a trusted source. However, it’s just a ruse to deploy malware once the email is opened or as soon as the link is clicked.

The Different Types of Security Breaches

MSPs are tasked with the responsibility of putting out proverbial fires in client networks caused by security breaches. That is why it is critical to understand the types of security breaches that pose a threat to your clients – and your MSP business. 

Denial of Service (DoS) & Distributed Denial of Service (DDoS)

A denial-of-service (DoS) attack is when legitimate users are unable to access the network they use, which includes websites, emails and other services. Distributed Denial of Service (DDoS) attacks are a more advanced form of DoS attacks and are used to breach more resilient networks.   

How it works: Hackers send several packets of information asking the network for authentication, but since the return address is fake, it makes it impossible for the network to send authentication approval back. The network must wait to close the interaction. However, by the time it wraps up one batch of forged requests, a new batch is launched, forcing the network to restart the entire authentication process. It results in slow website performance and loss of connectivity across devices on the same network.
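On the defender’s side, the pattern described above shows up as requests that are opened but never completed. The following is an added example, not part of the original article: it counts never-completed requests per time window. The event format, the 10-second window and the thresholds are assumptions, and the events are constructed.

```python
from collections import defaultdict

def build_sample():
    """Constructed events (time_s, source, kind); IPs are documentation ranges."""
    events = []
    for i in range(5):      # 0-9 s: normal clients, every request completes
        src = f"192.0.2.{i + 1}"
        events += [(i * 2, src, "open"), (i * 2 + 0.1, src, "done")]
    for i in range(200):    # 10-20 s: forged sources, requests never completed
        events.append((10 + i * 0.05, f"198.51.100.{i + 1}", "open"))
    for i in range(2):      # two real clients during the flood
        src = f"192.0.2.{i + 1}"
        events += [(12 + i, src, "open"), (12.1 + i, src, "done")]
    return sorted(events)

def half_open_report(events, window=10, min_requests=50, min_ratio=0.8):
    """Per window: requests opened, requests never completed, source spread."""
    total = defaultdict(int)       # window -> requests opened
    sources = defaultdict(set)     # window -> distinct sources
    pending = defaultdict(list)    # source -> windows of unanswered requests
    for t, src, kind in events:
        w = int(t // window)
        if kind == "open":
            total[w] += 1
            sources[w].add(src)
            pending[src].append(w)
        elif kind == "done" and pending[src]:
            pending[src].pop(0)    # oldest outstanding request completed
    half_open = defaultdict(int)
    for windows in pending.values():
        for w in windows:
            half_open[w] += 1
    report = {}
    for w in sorted(total):
        report[w] = {
            "requests": total[w],
            "half_open": half_open[w],
            "distinct_sources": len(sources[w]),
            # Forged sources each appear once, so per-source limits see nothing;
            # the share of never-completed requests is the usable signal.
            "flood": total[w] >= min_requests
                     and half_open[w] / total[w] >= min_ratio,
        }
    return report
```
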

Eavesdrop

An eavesdropping attack involves the theft of information by passively listening to communication traffic to gain unlawful access to someone’s private information.   

How it works: Attackers intercept Voice over Internet Protocol (VoIP) calls, which are carried over IP-based networks. Protocol analyzers are used to record these conversations, which are then converted into audio files. Spyware, a type of malware, is also used as a way of sniffing out important data.

ATO

It was found that 99.9% of compromised accounts don’t use multifactor authentication (MFA). It’s one of the many reasons why ATO attacks have gained prominence in recent years. Attackers send malicious emails targeting high-value individuals to extract sensitive information by mimicking a sender that the recipient knows. They can automate attacks by sending these emails with the help of bots to increase the scope of breaches.

How it works: Bad actors steal or buy credentials exposed in third-party breaches on the dark web or hacker forums and then reuse them to gain easy access to corporate systems to steal intellectual property (IP), perpetrate business email compromise and commit other types of cyber fraud.
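In sign-in logs, reused credentials typically appear as one source trying many different accounts, mostly failing and occasionally getting in. The following added example (not from the original article) flags such sources and separates accounts that were entered with a password alone from accounts where MFA held. The log format, result names and thresholds are assumptions, and the log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sign-in log (hypothetical format: time, source, user, result).
# Results: bad_password, mfa_failed (password was right, MFA challenge was
# not passed), ok_password_only, ok_mfa. IPs are documentation addresses.
SAMPLE_LOG = """\
2024-05-01T09:00:01Z 203.0.113.7 alice bad_password
2024-05-01T09:00:02Z 203.0.113.7 bob bad_password
2024-05-01T09:00:03Z 203.0.113.7 carol mfa_failed
2024-05-01T09:00:04Z 203.0.113.7 dave bad_password
2024-05-01T09:00:05Z 203.0.113.7 erin ok_password_only
2024-05-01T09:00:06Z 203.0.113.7 frank bad_password
2024-05-01T09:03:10Z 192.0.2.20 alice bad_password
2024-05-01T09:03:25Z 192.0.2.20 alice ok_mfa
2024-05-01T09:05:00Z 192.0.2.21 bob ok_mfa
"""

FAILED = {"bad_password", "mfa_failed"}

def find_credential_stuffing(log, window_s=600, min_users=5, min_fail_ratio=0.5):
    """Flag (source, window) pairs that try many accounts and mostly fail."""
    buckets = defaultdict(list)  # (source, window index) -> [(user, result)]
    for line in log.strip().splitlines():
        ts, src, user, result = line.split()
        t = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        buckets[(src, int(t.timestamp()) // window_s)].append((user, result))
    findings = []
    for (src, _), attempts in sorted(buckets.items()):
        users = {u for u, _ in attempts}
        fails = sum(1 for _, r in attempts if r in FAILED)
        if len(users) < min_users or fails / len(attempts) < min_fail_ratio:
            continue  # a user mistyping their own password lands here
        findings.append({
            "source": src,
            "accounts_tried": len(users),
            # Password worked and nothing else stood in the way.
            "taken_over": sorted(u for u, r in attempts if r == "ok_password_only"),
            # MFA held, but the password is known to the attacker.
            "reset_password": sorted(u for u, r in attempts if r == "mfa_failed"),
        })
    return findings
```
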

Cryptojacking

Cryptojacking is the unauthorized use of someone’s device to mine cryptocurrency. Cryptojacking scripts do not damage the device, but they do silently steal CPU processing resources. This slows down the device as the mining process takes precedence, and it adds costs because IT technicians spend time investigating the slow performance when they should be finding ways to remove cryptojacking software from the system.

How it works: Cryptomining code is deployed when client employees click on a malicious link sent via email. The cryptojacker then starts mining cryptocurrency while staying hidden in the background. The other way is drive-by cryptomining. It involves embedding a piece of JavaScript code into a webpage to mine on the machines of users who visit the infected webpage.

Top Security Breaches 

Here are some high-profile breaches that shook the MSP industry.

eBay  

The online auction site revealed that its servers were compromised in March 2014. A staggering 145 million records were said to have been stolen, which included customer names, encrypted passwords, email addresses, physical addresses, phone numbers and dates of birth. The breach remained hidden in the eBay network for quite some time, indicating the hack was done with a specific intention in mind. Experts suspect the stolen credentials will be reused to guess login/password information for other corporate cloud services held by eBay customers.

LinkedIn

The professional networking platform lost data of 500 million active users (two-thirds of the platform’s user base) to hackers eager to sell it online. Hackers leaked two million records as a proof-of-concept sample that included account IDs, email addresses, phone numbers, workplace information and links to other social media accounts. While they are attempting to sell the sample data for a four-digit sum, the bigger threat is that companies will be breached using their employees’ LinkedIn information since it is the best way to bypass sophisticated security infrastructure.

SolarWinds

SolarWinds Orion was used as a springboard by hackers to gain access to several United States Government agencies, including the Department of Homeland Security. Hackers compromised the Microsoft 365 email infrastructure, giving them access to the SolarWinds ecosystem. From there, automated updates to SolarWinds Orion were compromised, and when customers updated their software packages, hackers gained a foothold. CISA characterized the attack as one of the most high-profile corporate espionage cases in recent years.

 

Be Ready for Every Security Breach

Security breaches are virtually inevitable. However, with Unitrends MSP in your corner, you can help your clients get back up and running quickly should they suffer a breach. System failures, ransomware and user errors are easily resolved by spinning up the machine locally while natural disasters, theft, fire and other catastrophes can be handled through quick access to the resources in the Unitrends MSP Cloud.  

Keep your clients running without the need to purchase expensive hardware upfront. Combine that with reduced pricing, the ability to use one solution for all of your client needs and inexpensive long-term storage options for compliance, and you have a solution that you can trust and your clients can afford — a win-win for everyone!