Seven Important Data Protection Threats All Organizations Should Track

The data protection industry remains on high alert given an array of known, emerging, and evolving cybersecurity challenges. Increasingly advanced cyberattacks including malware, phishing, new uses of machine learning (ML) and artificial intelligence (AI) continue to jeopardize the vital data and assets of small and medium-sized enterprises (SMEs), large companies, governments, and individuals.

(1) Phishing attacks

Phishing attacks are a type of cyberattack where attackers deceive victims into revealing sensitive information, such as usernames, passwords, credit card numbers, or other personal details. This is typically achieved by masquerading as a trustworthy entity in electronic communications. Q3 2023 saw a 173% rise in phishing attacks and a 110% increase in malware attacks (VadeSecure). Remain skeptical of unsolicited communications, especially those urging immediate action, and to always verify the authenticity of requests for personal or sensitive information. 

(2) Vishing

Combining “voice” and “phishing”, this type of social engineering attack was most recently exploited against MGM casinos. While most attacks begin with an e-mail (phishing), skilled attackers can find greater success rates by following up with a seemingly legitimate voice call. The attackers in the MGM incident targeted key internal network administrators via LinkedIn research. They socially engineered their way through the MGM help desk to reset these employee’s multi-factor authentication passwords (Vox).

(3) Ransomware attacks

In these attacks, cybercriminals encrypt a company's data and demand a ransom for the decryption key. Ransomware attacks can be particularly damaging, leading to significant data loss, financial costs, and disruption of services or operations. To defend against these attacks, regular data backups, up-to-date security software, user education on potential threats, and maintaining software and operating system updates are crucial. These attacks have been increasingly targeted at businesses, and the ransom demands have been steadily increasing in 2023.

(4) Cloud security threats

As more businesses move their operations to the cloud, vulnerabilities in cloud security remain a major concern. This includes misconfigurations, poor access controls, shared tenancy, and vulnerabilities in supply chains. Other vulnerabilities include insecure application programming interfaces (APIs) and the absence of multi-factor authentication (MFA).

(5) Supply chain attacks

A supply chain attack occurs when adversaries target a company or organization by exploiting vulnerabilities in their supply chain – the network of companies that supply products and services to the primary organization. Instead of attacking the primary target directly, which might have robust security measures, adversaries focus on weaker points in the supply chain, often smaller vendors or contractors with less stringent security practices. The SolarWinds incident is one of the most significant and high-profile examples of a supply chain cyberattack..

(6) Insider threats

Insider threat cyberattacks involve malicious or negligent actions taken by employees, contractors, or other individuals with access to an organization's systems and data. Since these individuals are "inside" the organization, they can pose a significant threat due to their knowledge and access privileges. Some of the best ways to mitigate insider threat incidents include the following: user awareness and training; least privilege principle (i.e., “Zero Trust”); regular audits and monitoring; secure exit procedures; data loss prevention (DLP) tools; incident response plans; two-factor / multi-factor authentication (2FA/MFA); and ethical whistleblowing policies.

(7) AI-powered attacks

These attacks leverage artificial intelligence (AI) and machine learning (ML) techniques to enhance the efficacy, speed, and adaptability of malicious activities. As AI and ML technologies have advanced, they've been adopted not only for legitimate purposes but also by malicious actors to refine their tactics and improve their chances of success. The following AI/ML techniques are a growing concern: adaptive malware; automated phishing; password cracking; data poisoning; evading detection; image and audio spoofing; automated exploit generation; scalable and adaptive attacks; and enhanced botnets.

While the potential of AI-powered cyberattacks might seem daunting, it's worth noting that AI can also be a boon for the defense side. AI-enhanced cybersecurity solutions can predict and detect threats more efficiently, adapt to new attack methods, and automate responses. As the cyber landscape evolves with the incorporation of AI, it becomes a race between attackers and defenders to harness the technology's power most effectively.

Conclusion

These data protection threats require appropriate strategies and policies to mitigate your risk. But numerous other attack vectors must be considered when creating and maturing your data protection / cybersecurity / GRC strategy. 1 Global Data Protection Advisors (1GDPA) can help you develop the appropriate policies, identify operational and technical controls, and educate your workforce to build awareness and competence to keep your data secure and working for you. Contact us for a free consultation today.

Sources:

• VadeSecure (Q3 2023 Phishing and Malware)

• Vox (The chaotic and cinematic MGM casino hack, explained)

• CISA (Remediating Networks Affected by Solar Winds)