Today it was reported by CNNMoney that over the last 12 months, hackers have exposed the personal information of 110 million Americans — roughly half of the nation’s adults. The Ponemon Institute believes that about 432 million accounts have been hacked, giving hackers access to personal information like name, debit or credit card, email, phone number, birthday, password, security questions and physical address. Stories about cyberattacks are now so frequent that researchers at Unisys says we’re now experiencing “data-breach fatigue.” But it’s not just our personal lives under attack.
According to a co-sponsored survey by PwC, the U.S. Secret Service, the CERT Division of Carnegie Mellon University's Software Engineering Institute and CSO security news magazine, companies are also taking a big hit from hackers. The survey questioned 500 executives of U.S. businesses, law enforcement services and government agencies.
The AP reported that the 12th annual survey of cybercrime trends found that online attackers determined to break into computers, steal information and interfere with business are more technologically advanced than those trying to stop them. Three out of four respondents said they had detected a security breach in the past year, and the average number of security intrusions was 135 per organization.
The main cyberattack methods reported by the cybercrime survey were malware, phishing, network interruption, spyware and denial-of-service attacks. Just over a quarter of respondents said the attackers were insiders, either contractors or current and former employees or service providers.
Some companies may be surprised to know that hacks are getting more sophisticated and hacking weapons are numerous, cheap and easily obtained. Hackers have also learned to infiltrate corporate networks, roaming around for years before setting off any alarms or raising suspicion.
Ed Lowery, who heads the U.S. Secret Service's criminal investigative division says companies and the government need to take "a radically different approach to cybersecurity," which goes beyond antivirus software, training employees, working closely with contractors and setting up tighter processes.
Even when caught, some hackers, like Hector Xavier Monsegur, are getting reduced sentences by helping investigators fight attacks. Monsegur was facing 26 years behind bars until he helped thwart approximately 300 cyberattacks on targets ranging from the U.S. Armed Forces and Congress to a TV network and a video game maker. Instead, he got seven months, which he already served.
Unfortunately, the security of the Internet relies on underfunded volunteers. It also doesn’t help that too many people are using outdated and flawed software that makes it easy for attackers to take over systems.
So where is your company’s cybersecurity at? Is your company worried about a breach? What is your company doing to stay secure? Has it been under attack in the last year… that you know about? Leave your comments below.