The number of reported crimes related to data breaches has increased in recent years. Both small and large companies are being targeted. How can you protect yourself against data breaches?
A data breach is when someone has gained unauthorised access to information in a data collection, such as a computer system. It also includes unauthorised manipulation, deletion, modification, or addition of data to a system.
Data breaches are most commonly committed through stolen login information. Attackers gain access to login details through phishing or the like. The victim may, for example, be tricked into providing login details by a login page that looks genuine, or get malware on their computer by clicking on what looks like a legitimate attachment.
Initially, the attacker's main goal is to get the victim to click on the link or download the file that executes the malicious code. Once the victim has performed that action, the malicious code runs and begins to infect the victim's computer.
The computer is now vulnerable, and soon the attacker can control it remotely and access sensitive documents, files and contacts without being detected.
Unfortunately, the simple answer to this question is that cybercrime is and remains extremely profitable, and the risk of detection is relatively low.
For various reasons, almost all companies avoid reporting the breach to the police, and often choose to pay all or part of the ransom demanded by the attacker. In this way, unsuspecting companies and organisations continue to finance criminal activities.
In parallel with digitalisation and rapid technological development, cybercriminals have also become organised. Today's criminals are often organised in company-like structures.
There are also government-funded hacker groups whose role is to attempt to fund their own government's military needs or spy on other nations.
In nearly 85% of cyber attacks in 2021, the data breach was caused by human error. Phishing was the most common method used by attackers. Spear phishing accounted for more than half of phishing emails. Scammers identify their intended victims – their role in the company, their interests and the structure of the company – and then use this information to deceive their victim.
There are several elements to a company's protection against data breaches: the knowledge and awareness of its employees, its procedures and working methods, and its technical protection.
To protect your company from a data breach, it is important to train staff in basic cyber security, have anti-virus protection and put IT policies into place.
Train staff to recognise fake emails through exercises and information.
Have clear procedures and a permissive culture in relation to what actions staff can take if they have the slightest doubt about an email or text message.
More about data breaches and ransomware
Ransomware is a type of virus that locks all computers and mobile devices, or encrypts files. To regain control, the company has to pay a ransom. If your company becomes a victim of ransomware, you should never pay the ransom, as there are no guarantees that this will make the problem go away.
Report it to the police and get help from the resources available at nomoreransom.org. More information about ransomware is available on the Swedish Police's website. Under the GDPR, all concerned parties must be informed of any data breach that has occurred if there is a risk of identity theft, leaked personal data or fraud. This means that data breaches must sometimes also be reported to Integritetsskyddsmyndigheten (Swedish Authority for Privacy Protection).
There are many examples of well-known companies that have been victims of ransomware here in Sweden, for example in the grocery trade. One of the companies that was a victim of ransomware had no crisis plan in place when they were locked out of their systems, and were unsure of how to communicate with each other when their emails and phones were not working. Should they use their private email addresses? Have an incident response plan ready in case of a ransomware attack.