Email Data Breaches: The Threat Keeps Giving

 

By most accounts, 2015 was a year of unprecedented data breaches. Several major government agencies, enterprises and consumer sites were hacked - leaking the personal information of millions onto the web.

But an initial security breach doesn’t end the vulnerability. For example, according to the data cultivated by email security firm MailChannels, spam and phishing emails to addresses stored in the Ashley Madison database - compared with the volume sent to a random sample of addresses - have increased exponentially since the hack.

“The data offers some insights into what consumers can expect: a steadily growing amount of scams and spam - both targeted and general - will hit inboxes in 2016,” according to Ken Simpson, CEO at MailChannels. “Anyone whose email has been exposed is a prime target for cybercriminals looking to profit from extortion, identity theft and data exploitation. The increased volume in email attacks won’t come right away, but evidence from the Ashley Madison data leak shows that the growth in volume of will be sustained throughout 2016; it isn’t going to tail off with time.”

Simpson spoke with Information Management about what he expects organizations will experience on the IT security front in 2016, and how those trends may impact customers.

Information Management: What does your data reveal that CIOs should know in terms of corporate email security issues?
Ken Simpson: CIOs should create a process for retrieving leak data when large leaks happen, because our analysis shows that the very appearance of someone's email address in a leak exposes them to more abuse after the leak occurs. Attackers use leaks to build their database of targets for all sorts of fraud - not just fraud related to the leak itself. For instance, with the Ashley Madison's breach, we saw users receiving regular spam and phishing attacks in addition to targeted attacks such as scams promising to remove users' personal information from the Internet.

Information Management: What types of data are most at risk?
Simpson: It's not so much the types of data that are at risk, it's the potential for social engineering that's the real risk. When an attacker knows something about your user because he or she was included in a breach, they can leverage that information to tailor an attack.

For example, let's say your HR SaaS provider experienced a breach, allowing an attacker to know not only that your employee "Sandra" in marketing makes $55,000/year, but also that she lives in London, England. You can now hit Sandra with a customized email claiming to be someone from the London office who needs some money because their passport was absconded during a trip to Egypt.

Information Management: Are organizations giving IT security enough attention, budget, and staffing?
Simpson: Security is never given enough attention until there is a major problem - this has always been true and probably always will be. Enlightened organizations invest more in security because they know that the cost of doing nothing is to guarantee - at some unknown time in the future - an incident that is very costly.

Ashley Madison's parent company nearly ceased operations after their disastrous breach. Were they doing enough on security? Not for a firm that deals in information that can destroy marriages. And we're only beginning to see the legal fallout that could hobble them for years to come.

Information Management: How does the CIO or the CISO best go about creating a culture of security awareness?
Simpson: I think it pays to keep on top of security events that receive widespread press, and to remind management and staff that they too are vulnerable. Part of the CIO's job is to provide information about the general threat landscape so that the organization starts to take security seriously. The CIO alone can't pull enough budget; but the collective concern of every department will start to make a difference.

Information Management: What do you predict will be the top IT security issues, challenges, and threats in 2016?
Simpson: In 2016, the threat for tailored attacks at the individual level will become commonplace. With this previous year having been one riddled with information breaches, our data shows cybercriminals have an increased repository of personal information pieces that will look to build out into comprehensive profiles that can be used for identity theft, extortion and hacking. The more built out a profile, the more possibilities for illicit activity and cybercriminals will be on the hunt to collect the missing information they need to exploit an individual or business through targeted emails and spam campaigns.

I also believe we'll see more nation state hacking and espionage causing real economic damage. For example, could a powerful Chinese SOE with influence in the Communist Party prod the red army's electronic division into hobbling a major US industrial company for competitive reasons? Say, through a major breach that was made to look like it came from Anonymous? Yes, that could happen in 2016. But this time, the linkage with the nation state will become clear.

Inormation-Management: http://bit.ly/1PrfIjw

« What Does a Cyber Security Strategy Look Like?
Third of UK Finance Logins Risk Client Data »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NUS-Singtel Cyber Security R&D Lab

NUS-Singtel Cyber Security R&D Lab

NUS-Singtel Cyber Security R&D Lab conducts research into predictive security analytics.

OCERT

OCERT

OCERT is the National Computer Emergency Response Team of Oman.

National Institute of Standards & Technology (NIST) - USA

National Institute of Standards & Technology (NIST) - USA

NIST is a measurement standards laboratory, and a non-regulatory agency of the United States Department of Commerce. Areas covered include IT and cybersecurity.

8MAN

8MAN

8MAN is a leading Access Rights Management (ARM) solution in Microsoft and virtual server environments.

Ilex International

Ilex International

Ilex International is a European software vendor which specialises in Identity & Access Management solutions.

Information Technology & Cyber ​​Security Service (STISC) - Moldova

Information Technology & Cyber ​​Security Service (STISC) - Moldova

STISC is a public institution whose purpose is to ensure the administration, maintenance and development of the information technology infrastructure in Moldova.

Sqreen

Sqreen

Sqreen is a web application security monitoring and protection solution helping companies protect their apps and users from attacks.

CICRA

CICRA

CICRA is Sri Lanka's pioneering cyber security training and consultancy provider.

Stratus Cyber

Stratus Cyber

Stratus Cyber is a premier Cyber Security company specializing in Managed Security Services. Our services include Blockchain Security, Pentesting, and Compliance Assessments.

Korn Ferry

Korn Ferry

Korn Ferry is a global organizational consulting firm, synchronizing strategy and talent to drive superior performance for our clients in key areas including cybersecurity.

SIRP Labs

SIRP Labs

SIRP is a Risk-based Security Orchestration, Automation and Response (SOAR) platform that fuses essential cybersecurity information to enable a unified cyber response.

SHIELD

SHIELD

SHIELD are the world’s leading cybersecurity company specializing in cyber fraud and identity solutions.

Extreme Networks

Extreme Networks

Since 1996, Extreme has been pushing the boundaries of networking technology, driven by a vision of making it simpler and faster as well as more agile and secure.

Orbis Cyber Security

Orbis Cyber Security

Orbis is one of the leading cybersecurity company in USA. Our cybersecurity specialist defends your data, combat threat, and modernize your compliance.

ClearSky Cyber Security

ClearSky Cyber Security

ClearSky cyber security provides cyber solutions, focused on threat intelligence services, mainly for the financial sector, critical infrastructure, public sector and the pharma sector.

Tria Federal

Tria Federal

Tria Federal is the premier middle-market Technology and Advisory services provider delivering digital transformation solutions to federal health and public safety agencies.