Leaking Panama Papers: New Reality?
Cybercrime has become so expected and normal that the media coverage of Panama Papers leaks barely mention the failure of the law firm Mossack Fonseca, which did not protect the most valuable and sensitive assets: files and emails that identify customers and their operations. New week, new failure.
The new PwC report says that cybercrime is about to become the No. 1 economic crime among US companies, surpassing "the century-long misappropriation of assets" or theft of money. The PwC study also found that only 40 percent of systems request information about the state of the data more often than once a year, suggesting management failures.
Regardless of the size and nature of your organization, the leak as in Panama Papers is relevant and possible. Files and emails are a digital recording of everything we do. This is unstructured data, as it is called in IT, as a rule, what companies have the most and at the same time what they know the least about. Not so long ago, our company conducted a risk assessment, in which it was revealed that more than 25 percent of shared folders in an average company are not blocked, and are publicly available to everyone in the company. Almost all data breaches are the result of insider access, regardless of whether the perpetrator is an external attacker, an employee with bad intentions, or just an innocent click in an email with a malicious attachment.
')
Email servers are usually one of the largest treasures with valuable information. If you're spying on a company, the CEO's mailbox will be the best place to see how things are going in the company. One of the main problems with email security is that the most valuable mailboxes are usually the least secure. This is because executives (and law-abiding partners of law firms) often have assistants and other people who have access to mailboxes, some even have admin access for a long period of time. Another e-mail security problem is that their activity is rarely recorded or analyzed, which makes the theft almost invisible. The ubiquitous Microsoft Exchange has “shared folders” in which a large amount of confidential information can accumulate, often companies do not pay enough attention to protecting these folders. If the assistant's account is compromised by the stolen passwords, or if the assistant acts intentionally, the mailbox with all its contents can be easily cracked without any traces.
When Panamanian documents were made public, Mossack Fonseca declared an “unauthorized leak”. This was widely accepted as a fact of external attack, despite the ambiguity of the situation, because it is hardly possible to pick up 2.6 terabytes from the Internet without being noticed. Downloading such a large amount of data from an e-mail server via the Internet is like floating down the river on straw. More likely, insider access took place, and the ability to track it was negligible ..
To compile the Global Economic Crime Survey 2016, according to the US, PwC surveyed more than 6,000 people in 328 different organizations, most of which were top management of publicly traded companies in all industries. Fifty-four percent reported that they were suffering from cybercrime over the past two years, that is, more than half of the respondents have experienced the misappropriation of assets.
Financial influence is often overlooked when considering cybercrime. Since PwC polls many business leaders, they have more reliable data than other studies. PwC said: “Some respondents (about 50 organizations) said they suffered losses of over $ 5 million; of these, almost a third reported cybercrime losses in excess of $ 100 million. ” A study conducted by IBM and the Ponemon Institute in 2015 showed that the average cost of data leakage is currently about $ 6.5 million.
Values ​​of this kind are linked to data, which can lead to the commercial use of personal identification data (PII) or intellectual property, which can lead to a corporate crisis, if data is stolen, why don't we protect them better? We underestimate their value and vulnerability. We forget about them, and rarely remove them. The recent surge in extortionists' activity shows us how unstructured data can be vulnerable - extortionists advertise their presence to end users after they encrypt files, asking for a few bitcoins - organizations try their best to detect it before a huge number of files are damaged. Other threats often manifest much later (if at all) and getting rid of them will be a much more expensive process.
Of course, modern companies can monitor networks for unusual activity or check known viruses, however, they are usually not equipped to determine the new generation of hidden malware. Simply put: most companies have a huge and costly blind zone when it comes to protecting repositories with unstructured information. More effective risk assessments, improved data protection, and more serious file system monitoring are now key to real security.
Since we can never prevent hackers from trying to gain access to insider information, we can only detect such intervention as quickly as possible, limit the damage, and ultimately reduce the costs incurred due to data leakage . Then, perhaps, we will no longer be so shocked by the news of data theft in broad daylight, we will be ready to prevent it.
The new PwC report says that cybercrime is about to become the No. 1 economic crime among US companies, surpassing "the century-long misappropriation of assets" or theft of money. The PwC study also found that only 40 percent of systems request information about the state of the data more often than once a year, suggesting management failures.
Regardless of the size and nature of your organization, the leak as in Panama Papers is relevant and possible. Files and emails are a digital recording of everything we do. This is unstructured data, as it is called in IT, as a rule, what companies have the most and at the same time what they know the least about. Not so long ago, our company conducted a risk assessment, in which it was revealed that more than 25 percent of shared folders in an average company are not blocked, and are publicly available to everyone in the company. Almost all data breaches are the result of insider access, regardless of whether the perpetrator is an external attacker, an employee with bad intentions, or just an innocent click in an email with a malicious attachment.
')
Email servers are usually one of the largest treasures with valuable information. If you're spying on a company, the CEO's mailbox will be the best place to see how things are going in the company. One of the main problems with email security is that the most valuable mailboxes are usually the least secure. This is because executives (and law-abiding partners of law firms) often have assistants and other people who have access to mailboxes, some even have admin access for a long period of time. Another e-mail security problem is that their activity is rarely recorded or analyzed, which makes the theft almost invisible. The ubiquitous Microsoft Exchange has “shared folders” in which a large amount of confidential information can accumulate, often companies do not pay enough attention to protecting these folders. If the assistant's account is compromised by the stolen passwords, or if the assistant acts intentionally, the mailbox with all its contents can be easily cracked without any traces.
When Panamanian documents were made public, Mossack Fonseca declared an “unauthorized leak”. This was widely accepted as a fact of external attack, despite the ambiguity of the situation, because it is hardly possible to pick up 2.6 terabytes from the Internet without being noticed. Downloading such a large amount of data from an e-mail server via the Internet is like floating down the river on straw. More likely, insider access took place, and the ability to track it was negligible ..
To compile the Global Economic Crime Survey 2016, according to the US, PwC surveyed more than 6,000 people in 328 different organizations, most of which were top management of publicly traded companies in all industries. Fifty-four percent reported that they were suffering from cybercrime over the past two years, that is, more than half of the respondents have experienced the misappropriation of assets.
Financial influence is often overlooked when considering cybercrime. Since PwC polls many business leaders, they have more reliable data than other studies. PwC said: “Some respondents (about 50 organizations) said they suffered losses of over $ 5 million; of these, almost a third reported cybercrime losses in excess of $ 100 million. ” A study conducted by IBM and the Ponemon Institute in 2015 showed that the average cost of data leakage is currently about $ 6.5 million.
Values ​​of this kind are linked to data, which can lead to the commercial use of personal identification data (PII) or intellectual property, which can lead to a corporate crisis, if data is stolen, why don't we protect them better? We underestimate their value and vulnerability. We forget about them, and rarely remove them. The recent surge in extortionists' activity shows us how unstructured data can be vulnerable - extortionists advertise their presence to end users after they encrypt files, asking for a few bitcoins - organizations try their best to detect it before a huge number of files are damaged. Other threats often manifest much later (if at all) and getting rid of them will be a much more expensive process.
Of course, modern companies can monitor networks for unusual activity or check known viruses, however, they are usually not equipped to determine the new generation of hidden malware. Simply put: most companies have a huge and costly blind zone when it comes to protecting repositories with unstructured information. More effective risk assessments, improved data protection, and more serious file system monitoring are now key to real security.
Since we can never prevent hackers from trying to gain access to insider information, we can only detect such intervention as quickly as possible, limit the damage, and ultimately reduce the costs incurred due to data leakage . Then, perhaps, we will no longer be so shocked by the news of data theft in broad daylight, we will be ready to prevent it.
Source: https://habr.com/ru/post/303220/
All Articles