With the latest cyber hack of Equifax in the news, consumers and businesses alike are scrambling to check on their data’s security, and taking steps, such as freezing accounts, to mitigate any possible financial damage. However, the best strategy is to be pro-active in protecting data before breaches have a chance to occur in the first place. Equifax’s failure to do so is a cautionary tale for businesses and other organizations of what not to do about handling sensitive data.
The back story
The Equifax attack occurred back in May of 2017 and was discovered in July, but not revealed publicly until earlier in September of 2017. The attackers exploited a known vulnerability in the Apache Struts’ web-application software, an enterprise platform used by numerous organizations. The attack turned out to have been entirely preventable, according to Rene Gielen, vice-president of the software firm, citing a patch with installation instructions available to users two months before the attacks ever began.
The breach left over 143 million people’s credit histories vulnerable, with lawsuits pouring in by the dozens. Names, social security numbers, bank accounts, credit card information – all were left bare for the hackers who had plenty of time to access sensitive information.
Could this happen again?
According to credit expert and former FICO employee John Ulzheimer quoted in Business Insider, the short answer is yes. There is no perfect way to keep out determined hackers, who have become more sophisticated in their hacking methods as well as taking advantage of obvious flaws, like the one which occurred in the Apache Struts’ software. That said, there are ways to make data storage and related systems less attractive to potential hackers.
What can be done to safeguard data for now?
There are two primary options that consumers, including businesses, can take to reduce damage from a hack:
A credit freeze can’t prevent thieves from changing existing accounts, continued, close monitoring will still be necessary.
What steps can businesses take for the long term to protect their data?
Security software giant Symantec offers a number of common-sense precautions and actions that businesses can use to sharply reduce the chances of a hack by making their data harder and more time-consuming for a would-be hacker to breach by implementing the following suggestions:
As more hackers and others with malicious intent gain experience and sophistication in their methods, the cost of cyber breaches is estimated to surpass the $2 trillion mark by 2019 according to a model published by the RAND Corporation and Juniper Networks. With the increasing chances of being hacked and the possibility of subsequent lawsuits, fines and investigations, a company who ignores the handwriting on the wall, as well as IT experts’ advice for prevention and intervention, will do so at their peril.
Fill out the form below and an A2Z IT expert will contact you right away