Data Breaches – A Growing Threat Locally & Internationally
How prevalent are data breaches and should you be concerned?
If you keep up with the news both locally and internationally, you are bound to have come across articles about data breaches. If you took the time to read any of these articles then you should at least have an idea that data breaches are a growing threat. A threat that could potentially impact your own organisation at some point in the future.
Perhaps you had the thought that you need not worry as data breaches only happen to large organisations if so we urge you to reconsider. While security breaches of large corporates make the headlines, this does not mean smaller organisations are not targets. If anything, smaller businesses may become more widely targeted for a number of reasons. For more info read: “Cyber-Attacks – The Why and How“.
First, however, let us look at some of the data breaches that have made headlines.
International Data Breaches
Dow Jones & Co
Another data breach, another high profile company; Dow Jones & Co have recently disclosed that they had suffered from a data breach. What is interesting is that they cannot pinpoint when exactly the breach occurred but say that it took place between August 2012 and July 2015.
Additionally, they state that data from 3500 individuals may have been accessed but they cannot be sure if any information was indeed stolen. They also commented that the breach might have been part of a broader series of attacks that include other companies.
The Billion-Dollar Heist
The scale of cyber-attacks and persistence can be quite staggering. In February, it became known that a cyber-attack affecting up to 100 banks around the world had netted the attackers over $1 billion. The attacks started in December 2013 and increased during February and April 2014.
Local Data Breaches
In 2013, South African Banks were the victims of malware (malicious software) named Dexter. Dexter was used to infect electronic point-of-sale (POS) terminals at fast-food outlets in order to steal customer card data. The cost of this breach was in the tens of millions of rands.
This data breach example was carried out by international syndicates and the card data used to create duplicate cards for use in purchases at physical shops.
It is hard to say what the impact of data breaches will be in the months and years to come; this is especially true for South African companies as there is a shortage of research data. However, if the impact and measures being taken internationally are anything to go by, data breaches are likely to become more commonplace.
As international companies invest more in security measures cyber-attack insurance and stricter controls and monitoring shouldn’t local companies be doing the same? While some business owners may baulk at the idea of spending money on additional security, especially without data on the volume and frequency of South African cyber-attacks here are a few things to think about:
- As international companies increase their security, they become harder targets. This means hackers may look for less secure targets.
- According to the UK’s Federation of Small Businesses, 41% of SMEs in the UK suffered from cyber-crime in 2014.
- A 2013 Kaspersky survey found that 35% of South African companies surveyed had experienced computer infections and critical data leaks.
- Due to their size, small businesses often have few security measures in place, this makes them easier targets. Small businesses may also be targeted in order to help hackers gain access to larger targets using hijacked systems and computers.
The fact is data breaches are here to stay. South African companies can follow a ‘wait-and-see’ attitude to data security or become proactive. The latter approach, no doubt being a wise one that may save millions of rands and prevent far larger breaches from occurring.
To learn more about how you can better protect yourself and your organisation read, ‘Cyber-Attack Risk Mitigation’, our article on data security measures.