InTegriLogic Blog
InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
4 Data Backup Myths You Need to Know About
Humans generate 2.5 quintillion bytes of data every day.1 That is a substantial amount of information. However, failing to keep up with the ever-changing threat landscape might wipe your share of this data in the blink of an eye. In fact, ransomware has more than doubled in frequency since last year, accounting for 10% of verified breaches.2 While there is a lot of fear surrounding cybersecurity, you don’t need to panic. There are measures you can put in place to better protect your business. One of our best recommendations is to make data backups a component of your cybersecurity plan. Companies that don’t regularly back up valuable data leave themselves vulnerable to evolving cyberthreats.
Data loss can occur due to multiple reasons that range from hard drive failures and ransomware attacks to natural disasters and human error. Whatever the reason may be, data backup can provide the relief you need by helping restore data on your devices should an incident occur.
When you decide to embark on your data backup journey to protect your organization and create business continuity, there are several myths you’ll come across. Here are four of the most common data backup myths:
Backup Myths Debunked
Myth #1: Data Backup Is Too Expensive
Data loss can have a cascading effect, resulting in downtime, productivity loss, revenue disruptions, regulatory fines and reputational damage. The total cost of these setbacks is typically higher than the cost of a backup solution.
Myth #2: Having One Copy of Your Data Backed Up Is All You Need
The 3-2-1 strategy is a data backup best practice that involves having at least three copies of your data, two on-site but on different mediums/devices, and one off-site.
- Three copies of data: Having at least two additional copies of your data, in addition to your original data, is ideal.
- Two different mediums: Keep two copies of your data on different types of storage medium such as internal hard drives and removable storage like an external hard drive or a USB drive.
- One off-site copy: Keep one copy of your data off-site. This helps safeguard against worst-case scenarios.
Myth #3: Multiple Copies Guarantee Successful Backups
Having additional copies of your data by following the 3-2-1 strategy is a smart practice, but this doesn’t guarantee backups will operate as expected.
Organizations following the 3-2-1 strategy generally keep the original data and one of its copies on-site while another copy is transmitted to a safe, off-site destination, typically the cloud.
Beyond creating additional backup copies, regularly check to verify whether your backups are working properly since they may still be vulnerable to user error or data corruption. Routinely test backups or outsource the task to a managed service provider (MSP).
Myth #4: Data Backup and Disaster Recovery Are the Same
This misunderstanding stems from the fact that many people do not understand the difference between data backup and disaster recovery. Even though they are both vital components of business continuity, they are not the same.
While data backup is the act of backing up critical data, disaster recovery is the act of recovering those backups. Another distinction is that while data backup is defined by the recovery point objective (RPO), which is the amount of data that must be restored to keep operations running, disaster recovery is defined by the recovery time objective (RTO), which considers the time it takes to recover.
Partner for Success
Trying to safeguard your organization against data loss on your own can be overwhelming. Fortunately, we've got you covered.
We can make it easier for you to implement a long-term security and data backup strategy that also meets IT and endpoint device security and data protection requirements – especially considering new, growing cyberthreats that target vulnerabilities you may have overlooked.
Sources:
- net
- Verizon 2021 DBIR
Twitch
https://www.theverge.com/2021/10/6/22712250/twitch-hack-leak-data-streamer-revenue-steam-competitorExploit: Hacking
Twitch: Streaming Platform
Risk to Business: 1.402 = Extreme
Leading streaming and gaming platform Twitch has been hacked. Source code for the company’s upcoming expansion to its streaming service, an unreleased Steam competitor from Amazon Game Studios, has appeared on message boards as well as data that details the terms and amounts of content creator payouts. Ann anonymous poster on the 4chan messaging board delivered the data in a 125GB torrent. That poster also claimed that the stream includes the entirety of Twitch and its commit history including the aforementioned creator payouts, twitch.tv, source code for the mobile, desktop and video game console Twitch clients, code related to proprietary SDKs and internal AWS services used by Twitch, data on other Twitch properties like IGDB and CurseForge and, details about the AGS project and information about the platform’s internal security tools.
Customers Impacted: Unknown
How It Could Affect Your Business: Data is of immense value to cybercriminals in the booming dark web data markets, and this data will appeal to many different cybercriminal operations.
MoneyLion
Exploit: Credential StuffingMoneyLion: Financial Services Platform
Risk to Business: 1.712=Severe
That old favorite credential stuffing makes an appearance this week with an attack on the financial services platform MoneyLion. The Utah-based fintech company provides mobile banking services for borrowing, saving, and investing money. MoneyLion informed customers that “an unauthorized outside party appears to have been attempting to gain access to your account on the application using an account password and/or possibly email address that appear to have been potentially compromised in a prior event”. The data breach notice outlined the attacks as taking place over the course of several weeks spanning June and July 2021. The company assured users that no information was stolen.
Customers Impacted: 8.5 million
How It Could Affect Your Business: Credential stuffing is a classic that is even easier these days thanks to the huge amount of data that includes huge batches of stolen passwords available on the dark web.
Next Level Apparel
https://portswigger.net/daily-swig/us-clothing-brand-next-level-apparel-reports-phishing-related-data-breachExploit: Phishing
Next Level Apparel: Clothing Manufacturer
Risk to Business: 2.771 = Moderate
Next Level Apparel, a US-based clothing manufacturer, has announced that several of its employee accounts were compromised in a phishing attack. In a press release late last week, the company noted that cybercriminals were able to access the contents of several employee email accounts at various times between February 17, 2021, and April 28, 2021, including viewing customer and employee PII although the company could not confirm that any data was stolen.
Individual Risk: 2.802 = Moderate
Next Level Apparel noted that the customer and employee data accessible through the compromised accounts included names accompanied by Social Security numbers, financial/checking account numbers, payment card numbers, driver’s license numbers, and limited medical/health information.
How It Could Affect Your Business: More than 80% of reported security incidents in 2020 were phishing-related, making this the biggest cyberattack vector for every business.
United Kingdom – Welland Park Academy
https://www.bleepingcomputer.com/news/security/fired-it-admin-revenge-hacks-school-by-wiping-data-changing-passwords/Exploit: Hacking
Welland Park Academy: Secondary School
Risk to Business: 2.883 = Moderate
Hell hath no fury like an IT employee scorned, as Welland Park Academy discovered after a fired IT admin entered its environment and wreaked havoc. After his termination, the former employee wiped data on the school’s systems and changed all employee credentials. These actions made it impossible for the school to conduct distance learning. The same malicious individual also took revenge on the next company fired from, creating lockout chaos and wiping data at an unnamed IT company, as well as mucking up the company’s phone systems.
Customers Impacted: Unknown
How It Could Affect Your Business: Malicious insider threats are a hazard that very business should remember, because vengeful employees can do serious damage quickly.
United Kingdom – The Telegraph
https://www.bleepingcomputer.com/news/security/the-telegraph-exposes-10-tb-database-with-subscriber-info/Exploit: Misconfiguration
The Telegraph: News Organization
Risk to Business: 2.122=Severe
UK news giant The Telegraph is in hot water after researchers discovered an unsecured database that exposed an enormous amount of information, an estimated 10 TB of data. Much of the data appears to apply to Apple News customers. The researcher who discovered it noted that at least 1,200 unencrypted contacts were accessible without a password. The Telegraph announced that it quickly secured the database as soon as it was informed of the issue, which impacted less than 0.1% of its subscribers.
Risk to Business: 2.801=Moderate
The exposed information includes internal logs, full subscriber names, email addresses, device info, URL requests, IP addresses, authentication tokens and unique reader identifiers, mostly for users who accessed The Telegraph through Apple News.
How it Could Affect Your Business: It pays to make sure that companies are building a strong security culture to discourage neglectful practices.
Scotland – Weir
https://www.bbc.com/news/uk-scotland-scotland-business-58801753Exploit: Ransomware
Weir: Heavy Equipment Manufacturer
Risk to Business: 1.616 = Severe
Scottish heavy equipment company Weir was hit with a ransomware attack. The BBC reports the company was essentially shut down briefly by the incident, which took place sometime in September 2021, forcing the company to delay shipments of mining equipment worth more than £50m in revenue. The company noted in its release that because the attackers did not exfiltrate or encrypt any data, it was confident that no financial or sensitive data had been stolen about employees or customers.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware gangs don’t just want to steal data anymore. They’re also more than happy to shut down production lines to obatain ransoms.
Scotland – BrewDog
https://securitybrief.co.nz/story/aquila-technology-customers-urged-to-change-passwords-after-data-breachExploit: Misconfiguration
BrewDog: Bar and Restaurant Chain
Risk to Business: 1.615 = Severe
Scottish bar and restaurant chain BrewDog was responsible for exposing the data of 200,000 shareholders and customers, The company, famous for its crowd-ownership model as well as its beer, exposed that data over an 18-month period through a glitch in its mobile app that hard-coded authentication tokens for users into the mobile application instead of being transmitted to it following a successful user authentication event. Interested parties could simply append any customer ID to the end of the API endpoint URL and access sensitive PII (personally identifiable information) for that customer.
Individual Risk: 1.701 = Severe
Potentially exposed customer/shareholder details include, the customer’s name, date of birth, email address, gender, all previously used delivery addresses, telephone number, number of shares held, shareholder number, bar discount amount, bar discount ID, number of referrals and types of beer previously purchased
How it Could Affect Your Business: Having this data exposed through a blunder will hurt the reputation of a company that relies on customers as investors to stay in business.
Hong Kong – Fimmick Limited
https://www.zdnet.com/article/hong-kong-firm-becomes-latest-marketing-company-hit-with-revil-ransomware/Exploit: Ransomware
Fimmick Limited: Marketing Company
Risk to Business: 1.631 = Severe
Hong Kong marketing firm Fimmick has been hit with a ransomware attack that is purportedly the work of REvil. Cybersecurity researchers caught wind of the incident after REvil claimed to have burglarized Fimmick’s databases, snatching data that pertained to Fimmick’s work with a number of major brands. Sample data provided on REvil’s website as proof of the hack included data pertaining to the company’s work with Cetaphil, Coca-Cola and Kate Spade.
Customers Impacted: Unknown
How it Could Affect Your Business: Companies that provide services like this are especially tasty targets for ransomware gangs because even if they don’t pay the ransom their data on other businesses opens new doors.
Twitch
https://www.theverge.com/2021/10/6/22712250/twitch-hack-leak-data-streamer-revenue-steam-competitorExploit: Hacking
Twitch: Streaming Platform
Risk to Business: 1.402 = Extreme
Leading streaming and gaming platform Twitch has been hacked. Source code for the company’s upcoming expansion to its streaming service, an unreleased Steam competitor from Amazon Game Studios, has appeared on message boards as well as data that details the terms and amounts of content creator payouts. Ann anonymous poster on the 4chan messaging board delivered the data in a 125GB torrent. That poster also claimed that the stream includes the entirety of Twitch and its commit history including the aforementioned creator payouts, twitch.tv, source code for the mobile, desktop and video game console Twitch clients, code related to proprietary SDKs and internal AWS services used by Twitch, data on other Twitch properties like IGDB and CurseForge and, details about the AGS project and information about the platform’s internal security tools.
Customers Impacted: Unknown
How It Could Affect Your Business: Data is of immense value to cybercriminals in the booming dark web data markets, and this data will appeal to many different cybercriminal operations.
MoneyLion
Exploit: Credential StuffingMoneyLion: Financial Services Platform
Risk to Business: 1.712=Severe
That old favorite credential stuffing makes an appearance this week with an attack on the financial services platform MoneyLion. The Utah-based fintech company provides mobile banking services for borrowing, saving, and investing money. MoneyLion informed customers that “an unauthorized outside party appears to have been attempting to gain access to your account on the application using an account password and/or possibly email address that appear to have been potentially compromised in a prior event”. The data breach notice outlined the attacks as taking place over the course of several weeks spanning June and July 2021. The company assured users that no information was stolen.
Customers Impacted: 8.5 million
How It Could Affect Your Business: Credential stuffing is a classic that is even easier these days thanks to the huge amount of data that includes huge batches of stolen passwords available on the dark web.
Next Level Apparel
https://portswigger.net/daily-swig/us-clothing-brand-next-level-apparel-reports-phishing-related-data-breachExploit: Phishing
Next Level Apparel: Clothing Manufacturer
Risk to Business: 2.771 = Moderate
Next Level Apparel, a US-based clothing manufacturer, has announced that several of its employee accounts were compromised in a phishing attack. In a press release late last week, the company noted that cybercriminals were able to access the contents of several employee email accounts at various times between February 17, 2021, and April 28, 2021, including viewing customer and employee PII although the company could not confirm that any data was stolen.
Individual Risk: 2.802 = Moderate
Next Level Apparel noted that the customer and employee data accessible through the compromised accounts included names accompanied by Social Security numbers, financial/checking account numbers, payment card numbers, driver’s license numbers, and limited medical/health information.
How It Could Affect Your Business: More than 80% of reported security incidents in 2020 were phishing-related, making this the biggest cyberattack vector for every business.
United Kingdom – Welland Park Academy
https://www.bleepingcomputer.com/news/security/fired-it-admin-revenge-hacks-school-by-wiping-data-changing-passwords/Exploit: Hacking
Welland Park Academy: Secondary School
Risk to Business: 2.883 = Moderate
Hell hath no fury like an IT employee scorned, as Welland Park Academy discovered after a fired IT admin entered its environment and wreaked havoc. After his termination, the former employee wiped data on the school’s systems and changed all employee credentials. These actions made it impossible for the school to conduct distance learning. The same malicious individual also took revenge on the next company fired from, creating lockout chaos and wiping data at an unnamed IT company, as well as mucking up the company’s phone systems.
Customers Impacted: Unknown
How It Could Affect Your Business: Malicious insider threats are a hazard that very business should remember, because vengeful employees can do serious damage quickly.
United Kingdom – The Telegraph
https://www.bleepingcomputer.com/news/security/the-telegraph-exposes-10-tb-database-with-subscriber-info/Exploit: Misconfiguration
The Telegraph: News Organization
Risk to Business: 2.122=Severe
UK news giant The Telegraph is in hot water after researchers discovered an unsecured database that exposed an enormous amount of information, an estimated 10 TB of data. Much of the data appears to apply to Apple News customers. The researcher who discovered it noted that at least 1,200 unencrypted contacts were accessible without a password. The Telegraph announced that it quickly secured the database as soon as it was informed of the issue, which impacted less than 0.1% of its subscribers.
Risk to Business: 2.801=Moderate
The exposed information includes internal logs, full subscriber names, email addresses, device info, URL requests, IP addresses, authentication tokens and unique reader identifiers, mostly for users who accessed The Telegraph through Apple News.
How it Could Affect Your Business: It pays to make sure that companies are building a strong security culture to discourage neglectful practices.
Scotland – Weir
https://www.bbc.com/news/uk-scotland-scotland-business-58801753Exploit: Ransomware
Weir: Heavy Equipment Manufacturer
Risk to Business: 1.616 = Severe
Scottish heavy equipment company Weir was hit with a ransomware attack. The BBC reports the company was essentially shut down briefly by the incident, which took place sometime in September 2021, forcing the company to delay shipments of mining equipment worth more than £50m in revenue. The company noted in its release that because the attackers did not exfiltrate or encrypt any data, it was confident that no financial or sensitive data had been stolen about employees or customers.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware gangs don’t just want to steal data anymore. They’re also more than happy to shut down production lines to obatain ransoms.
Scotland – BrewDog
https://securitybrief.co.nz/story/aquila-technology-customers-urged-to-change-passwords-after-data-breachExploit: Misconfiguration
BrewDog: Bar and Restaurant Chain
Risk to Business: 1.615 = Severe
Scottish bar and restaurant chain BrewDog was responsible for exposing the data of 200,000 shareholders and customers, The company, famous for its crowd-ownership model as well as its beer, exposed that data over an 18-month period through a glitch in its mobile app that hard-coded authentication tokens for users into the mobile application instead of being transmitted to it following a successful user authentication event. Interested parties could simply append any customer ID to the end of the API endpoint URL and access sensitive PII (personally identifiable information) for that customer.
Individual Risk: 1.701 = Severe
Potentially exposed customer/shareholder details include, the customer’s name, date of birth, email address, gender, all previously used delivery addresses, telephone number, number of shares held, shareholder number, bar discount amount, bar discount ID, number of referrals and types of beer previously purchased
How it Could Affect Your Business: Having this data exposed through a blunder will hurt the reputation of a company that relies on customers as investors to stay in business.
Hong Kong – Fimmick Limited
https://www.zdnet.com/article/hong-kong-firm-becomes-latest-marketing-company-hit-with-revil-ransomware/Exploit: Ransomware
Fimmick Limited: Marketing Company
Risk to Business: 1.631 = Severe
Hong Kong marketing firm Fimmick has been hit with a ransomware attack that is purportedly the work of REvil. Cybersecurity researchers caught wind of the incident after REvil claimed to have burglarized Fimmick’s databases, snatching data that pertained to Fimmick’s work with a number of major brands. Sample data provided on REvil’s website as proof of the hack included data pertaining to the company’s work with Cetaphil, Coca-Cola and Kate Spade.
Customers Impacted: Unknown
How it Could Affect Your Business: Companies that provide services like this are especially tasty targets for ransomware gangs because even if they don’t pay the ransom their data on other businesses opens new doors.
PCI-DSS Compliance: What You Should Know
Over the last year, many organizations struggled to keep their private data secure against cyberthreats as they rushed to adapt to pandemic-inspired shifts in workforce and operations. Cybercrime is becoming increasingly prevalent, and the sophistication and volume of cyberattacks is escalating as well. According to a report, over 300 million ransomware attacks occurred in 2020.1Dealing with a cybersecurity disaster is difficult and brings forth a lot of uncertainty, especially when it involves financial and reputational damage. This holds true for all organizations, and especially for small and medium-sized businesses (SMBs). SMBs are increasingly becoming prime targets for hackers because they consider these organizations to have insufficient expertise and resources to prevent and respond to attacks.
Now, more than ever, it is critical for business owners to protect their customers' personal information, especially as we approach the holiday season when individuals purchase a lot more than at any other time of the year.
This is where the Payment Card Industry Data Security Standard (PCI-DSS) finds its relevance.
Why Is PCI-DSS Important?
Organizations that accept payment cards and handle, transmit or retain payment card data must comply with PCI-DSS. It is crucial for data security because practically every business accepts credit or debit cards as a form of payment.
The PCI-DSS's directives limit the risk of credit and debit card data loss. It not only helps avoid identity theft but also includes best practices for recognizing, preventing and resolving data incidents.
PCI-DSS compliance also safeguards a company in the event of a data breach in which cardholder data is exposed. SMBs that comply with PCI-DSS are recognized by Visa, Mastercard, Discover, JCB and American Express, all of which are pioneers in establishing this information security standard.
Failure to comply with PCI-DSS can result in penalties that prevent a company from dealing with card data.
PCI-DSS has 12 requirements:
Maintain firewalls for business devices
Change vendor-supplied passwords
Encrypt transmissions of consumer data
Use updated antivirus software
Protect stored consumer data
Restrict access to consumer data
Maintain secure systems and apps
Make cardholder data available only on a need-to-know basis
Create a unique ID for every person with business computer access
Monitor access to network and consumer data
Test data security regularly
Maintain a data security policy
The PCI Compliance Levels
There are four levels of PCI compliance that are determined by the number of transactions an organization processes each year.
Level 1 Merchants
Through all channels, they process over six million card transactions every year (card present, card not present, eCommerce).Level 2 Merchants
Through all channels, they process about one to six million card transactions every year (card present, card not present, eCommerce).Level 3 Merchants
They process between 20,000 and one million card transactions every year through all channels (card present, card not present, eCommerce).Level 4 Merchants
They process up to one million card transactions per year across all channels (card present, card not present,and eCommerce), with no more than 20,000 card transactions per year processed just through eCommerce.
If you own a business that accepts, transmits or stores any cardholder data, you need to take PCI-DSS seriously and comply with all regulations.
When you're trying to figure everything out on your own, it’s easy to get overwhelmed. Working with a specialist like us gives you the benefit of having a compliance expert in your corner. We can regularly conduct assessments for you to verify compliance and make your compliance journey much easier.
Source:
- Statista
PCI-DSS Compliance: What You Should Know
Over the last year, many organizations struggled to keep their private data secure against cyberthreats as they rushed to adapt to pandemic-inspired shifts in workforce and operations. Cybercrime is becoming increasingly prevalent, and the sophistication and volume of cyberattacks is escalating as well. According to a report, over 300 million ransomware attacks occurred in 2020.1Dealing with a cybersecurity disaster is difficult and brings forth a lot of uncertainty, especially when it involves financial and reputational damage. This holds true for all organizations, and especially for small and medium-sized businesses (SMBs). SMBs are increasingly becoming prime targets for hackers because they consider these organizations to have insufficient expertise and resources to prevent and respond to attacks.
Now, more than ever, it is critical for business owners to protect their customers' personal information, especially as we approach the holiday season when individuals purchase a lot more than at any other time of the year.
This is where the Payment Card Industry Data Security Standard (PCI-DSS) finds its relevance.
Why Is PCI-DSS Important?
Organizations that accept payment cards and handle, transmit or retain payment card data must comply with PCI-DSS. It is crucial for data security because practically every business accepts credit or debit cards as a form of payment.
The PCI-DSS's directives limit the risk of credit and debit card data loss. It not only helps avoid identity theft but also includes best practices for recognizing, preventing and resolving data incidents.
PCI-DSS compliance also safeguards a company in the event of a data breach in which cardholder data is exposed. SMBs that comply with PCI-DSS are recognized by Visa, Mastercard, Discover, JCB and American Express, all of which are pioneers in establishing this information security standard.
Failure to comply with PCI-DSS can result in penalties that prevent a company from dealing with card data.
PCI-DSS has 12 requirements:
Maintain firewalls for business devices
Change vendor-supplied passwords
Encrypt transmissions of consumer data
Use updated antivirus software
Protect stored consumer data
Restrict access to consumer data
Maintain secure systems and apps
Make cardholder data available only on a need-to-know basis
Create a unique ID for every person with business computer access
Monitor access to network and consumer data
Test data security regularly
Maintain a data security policy
The PCI Compliance Levels
There are four levels of PCI compliance that are determined by the number of transactions an organization processes each year.
Level 1 Merchants
Through all channels, they process over six million card transactions every year (card present, card not present, eCommerce).Level 2 Merchants
Through all channels, they process about one to six million card transactions every year (card present, card not present, eCommerce).Level 3 Merchants
They process between 20,000 and one million card transactions every year through all channels (card present, card not present, eCommerce).Level 4 Merchants
They process up to one million card transactions per year across all channels (card present, card not present,and eCommerce), with no more than 20,000 card transactions per year processed just through eCommerce.
If you own a business that accepts, transmits or stores any cardholder data, you need to take PCI-DSS seriously and comply with all regulations.
When you're trying to figure everything out on your own, it’s easy to get overwhelmed. Working with a specialist like us gives you the benefit of having a compliance expert in your corner. We can regularly conduct assessments for you to verify compliance and make your compliance journey much easier.
Source:
- Statista