Big and Small Canadian Firms Hit by Data Breaches in 2015

When a large company suffers a data breach, there is much media coverage on the incident, highlighting all of the gory details. However, when smaller companies suffer such an attack, little is said or heard about the incident, and the fact that oftentimes, these breaches occur as a result of not enough being done by […]

Cyber SecurityWhen a large company suffers a data breach, there is much media coverage on the incident, highlighting all of the gory details. However, when smaller companies suffer such an attack, little is said or heard about the incident, and the fact that oftentimes, these breaches occur as a result of not enough being done by the companies to keep their networks properly protected.

Discussed below is a brief overview of the types of breaches that have occurred throughout 2015:

  • DDOS Attacks – Attempts to bring sites down by bombarding them with irrelevant messages, causing the communication pipe or server to back up.
  • Data Loss – A result of unencrypted data on USB sticks or portable computers when the hardware gets lost or stolen.
  • Unauthorized Access to Corporate Records – Oftentimes former employees or contractors still have access because credentials are not changed. This is not always a problem but has the potential to become so if the relationship turns bad.
  • An Attack On Third-Party Suppliers – If a third-party supplier suffers an attack and is linked to your operations, your business could suffer the effects. This example was illustrated this year when several large photo retailer sites were closed down to make corrections to the software.
  • Point Of Sale Malware – POS malware, which is when attackers install data stealing software on point-of-sale systems, caused several retailers data loss/theft issues in the past year.
  • Phishing Attacks – Commonly occur via email or telephone. Many attackers use phishing techniques to convince the victim to provide personal or financial information thinking the receiver is a legitimate company or person.
  • Ransomware – A situation where your information or site is hijacked, and you are locked out until the “ransom” or demanded fee is paid. It is very difficult to properly protect against this type of attack.
  • Insider Threats – Occur as a result of mistakes or unhappy employees. To remain in control over this, monitoring software can be implemented, tracking the activity in your systems. Making users aware that monitoring software is in place on its own can act as somewhat of a deterrent.

This list only represents a portion of the ways networks can be compromised. There is an abundance of potential threats lurking, and falling victim to these will have many costs associated, and can negatively impact a business to severe degrees. Financially, this can be potentially devastating, with reported losses by organizations averaging approximately 5 million dollars.

Because of this, it is critical that all organizations take some sort of precautions in an attempt to protect systems. Failing to adequately educate employees and safeguard data can be a bigger risk than most people realize.

Discover more about safeguarding against attacks. Call CTECH Consulting Group at (403) 457-1478 or email us at info@ctechgroup.net to learn about our managed IT services.