Last year was a rough time for IT security. It seemed that every week a new data breach was revealed by a major company or a new cyberattack tore through the digital landscape.
If small businesses are going to survive and thrive in 2018, they'll need to prioritize cybersecurity education. This includes staying up-to-date on cybersecurity news and learning from others' cyber mistakes and successes. Below are some of 2017's worst cybersecurity disasters and what we learned from them.
Equifax Data Breach
In September, Equifax experienced on of the biggest data breaches in history. The credit reporting firm had the personal and financial information on 145.5 million U.S. consumers stolen. The cause? An unpatched web application vulnerability.
This minor oversight caused "very possibly the worst leak of personal info ever.\" The takeaway? Keep your services up-to-date to enjoy the latest security patches. Otherwise, hackers can exploit known security gaps in your network. Then again, Equifax also lacked a robust network design, sufficient segmentation, had inadequate encryption of personal information, and ineffective breach detection. Don't make the same mistakes!
Uber Data Breach Revelation
Uber has been hit several times in the past few years by hackers. But in November, the company revealed a data breach that they hid from the public.
Occurring in 2016, the breach leaked the personal information of 600,000 drivers and 57 million customers. Uber paid the hackers $100,000 to delete the stolen information and to keep the breach under wraps. The newly appointed CEO, Dara Khosrowshahi, says the company revealed the breach and payment to turn over a new leaf of integrity. However, Uber is experiencing lawsuits around the country due to the revelation.
The lesson? Don't keep security incidents a secret, especially when they involve employee or consumer information.
Yahoo's Continuous Bleed
Yahoo has suffered a continuous bleed of bad publicity. In 2016, the internet service company revealed a 2013 data breach which exposed the private information of 1 billion users. But during the company's integration into Verizon Communications, the full extent of the hack was discovered. The 2013 hack didn't affect 1 billion accounts. It actually affected every single Yahoo account - 3 billion in all!
Ransomware made a big splash in cybersecurity news this past year. And no attack was more talked about than WannaCry. The cryptoworm targeted Windows OS devices by encrypting data and demanding Bitcoin payments. Luckily, a kill switch was discovered within a few days. Microsoft also released a security patch for its operating system. But not before more than 300,000 computers across 150 countries were impacted. Total damages are estimated to be in the hundreds of millions or even billions of dollars!
In December, the United States, United Kingdom, and Australia formally pinned the cyberattack on North Korea. Why is this important? Cyber terrorism and state-sponsored hacking are expected to grow in 2018. Private businesses would do well to educate themselves about easily exploitable security gaps.
Then again, your business couldn't possibly stymie every attack. Especially when they are as sophisticated as WannaCry. Protect your brand from the financial ravages of cyberattack and data breach with cyber insurance. This vital service could be the difference between life and death for your small business.