With 2014 coming to a close, it’s time to look back at the data breaches that took place over the year and learn from the mistakes made in order to do better in 2015. Below are some of the worst breaches of the past year:
In May, the online auction site announced the shocking news that more than 145 million accounts had been affected by an enormous cyber attack on eBay’s systems. Users’ postal and email addresses were compromised, as well as login credentials, allowing for the possibility of fraudulent sales and purchases. While members’ financial data was not exposed during the breach, eBay announced that the hack caused it to lose $200 million in revenue for 2014.
U.S. security contractor
At the end of the summer, USIS, a contractor performing background checks for the Department of Homeland Security, fell victim to a data breach and exposed personal information on numerous employees. Sensitive data, including Social Security numbers, addresses, birth dates and phone numbers, was exfiltrated during the hack and an unknown amount of other privileged agency information was also exposed, according to the Washington Post.
One of the most controversial breaches on this list, the hack of iCloud accounts in September leaked hundreds of sensitive celebrity photographs to public online forums like the infamous 4chan. Apple denied that its internal systems were breached, but security was increased after the attack was made public. iCloud security measures were also enhanced after it was discovered that the hack was the result of brute force methods – in which an account password is guessed multiple times until the right combination is found – and there were no safeguards in place to stop such attacks.
September was a busy month for cyber security. The iCloud hack was followed closely by an attack on Home Depot’s POS systems in which 109 million records were exposed. In one of the biggest retail data breaches in history, 56 million credit card numbers and 53 million email addresses were compromised. The company blamed a third-party vendor for the intrusion.
In early October, JPMorgan Chase, America’s largest bank, announced it had experienced a breach affecting more than 80 million U.S. families and around 7 million small- and medium-sized businesses, making it the biggest reported hack of its kind, according to ZDNet. The cyber attack exposed the names, phone numbers, addresses and emails of customers and employees, as well as internal Chase documents relating to the compromised customers. The breach was so large that the FBI is still investigating it and looking for connections between Chase’s hack and attempts made on other financial institutions.
Perhaps the most harmful breach to affect the U.S. government during a year when many cyber criminals targeted Washington was the intrusion into the U.S. Postal Service networks. Information on more than 800,000 employees was compromised during the attack, including birth dates, Social Security numbers and addresses. According to the Washington Post, the breach was discovered by USPS in mid-September, but the agency didn’t make a public announcement of the hack until early November. Many security researchers pointed the finger of blame at China, as the attack was perpetrated by a “sophisticated actor that appears not to be interested in identity theft or credit card fraud,” according to an official from USPS. However, the FBI is still investigating the breach and has yet to officially name a suspect.
In the most recent breach on this list, networks belonging to Sony Pictures Entertainment were infiltrated in late November by cyber criminals suspected to be acting on behalf of North Korea. The security intrusion was devastating, resulting in the exposure of at least 47,000 records, including employee information and internal email exchanges between executives, as well as unreleased movies being leaked onto the Internet for free download.
So far, two separate lawsuits have been filed by four former employees alleging that the studio took insufficient steps to protect their data, even after experiencing similar system breaches in the past.
Enterprise protection for the new year
While the breaches that occurred in 2014 affected a variety of industries and used multiple attack methods, all of the security intrusions that took place had one thing in common: The vulnerable companies did not properly secure all of their endpoints. In a recent blog post, Trend Micro researchers discussed the advantages of blacklisting and whitelisting for enterprises interested in improving their network security.
Blacklisting is a reliable method of enterprise data protection, but it is limited in its abilities. A blacklist keeps any file that appears on it from passing through the network perimeter, working tirelessly to keep malicious software out. However, false positives can occur and new, unidentified threats can occasionally make their way through before there is a chance to add them to the list.
Whitelisting, however, is more secure and tightly controlled. As the writers of the blog post described it, whitelisting is like a VIP list for a business’s network, only letting in the files and programs on the list. This protects against unknown, unwanted applications being installed and executed on an enterprise system.
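The difference between the two models comes down to what happens to a file that is on neither list. The following sketch is an added illustration, not code from Trend Micro or the blog post it cites; the file names, contents and hash-based matching are assumptions made up for the example.

```python
import hashlib

def sha256(data: bytes) -> str:
    """Identify a file by the SHA-256 digest of its contents."""
    return hashlib.sha256(data).hexdigest()

# Constructed samples: byte strings stand in for executables on an endpoint.
SAMPLES = {
    "payroll.exe": b"constructed: approved payroll application",
    "known_bad.exe": b"constructed: malware already catalogued",
    "new_variant.exe": b"constructed: malware nobody has catalogued yet",
    "new_tool.exe": b"constructed: legitimate tool not yet approved",
}

# Hypothetical lists: one catalogued threat, one approved application.
BLACKLIST = {sha256(SAMPLES["known_bad.exe"])}
WHITELIST = {sha256(SAMPLES["payroll.exe"])}

def blacklist_decision(data: bytes) -> str:
    """Default-allow: block only what is already on the list."""
    return "block" if sha256(data) in BLACKLIST else "allow"

def whitelist_decision(data: bytes) -> str:
    """Default-deny: run only what is already on the list."""
    return "allow" if sha256(data) in WHITELIST else "block"

def compare(samples: dict) -> dict:
    """Return {name: (blacklist verdict, whitelist verdict)} per sample."""
    return {
        name: (blacklist_decision(data), whitelist_decision(data))
        for name, data in samples.items()
    }

if __name__ == "__main__":
    for name, (bl, wl) in compare(SAMPLES).items():
        print(f"{name:16} blacklist={bl:5} whitelist={wl}")
```

The uncatalogued variant passes the blacklist but is stopped by the whitelist, while the unapproved legitimate tool is also stopped, which is the administrative cost of the stricter model.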
Trend Micro’s Smart Protection Network includes more than 360 million trusted files and metadata on more than 5 billion good files, helping organizations to respond to incidents more quickly and receive forensic analysis faster while also reducing the occurrence of false positives.