Monthly Cloud Security Roundup: The Rise in Insider Threats, The #1 Brand for Phishing Attacks, and More

May 18, 2020

Monthly Cloud Security Roundup: The Rise in Insider Threats, The #1 Brand for Phishing Attacks, and More

Each month, we bring you some of the most compelling cloud and Salesforce security-related stories from the last four weeks. In this post, we discuss the rise in insider threats, Americans’ privacy concerns, the impact of data breaches on employees, and more.

Most Americans avoid certain services given privacy concerns

A new survey from Pew Research Center reveals that 52% of adults in the U.S. have chosen not to use a product or service because they feel their personal data is not secure. Most Americans are concerned about the way private organizations and the government use personal data, whether it’s when making purchases, signing up for an account or program, or simply registering to vote.

In addition, 21% of respondents said they don’t use particular websites because they felt they’re not secure. 11% avoid using certain electronics, and some reported not using social media or specific services like DNA ancestry kits, financial tools, or healthcare applications due to privacy concerns. More specifically, the cited reasons ranged from having to share personal information to the product or service being untrustworthy. Consumers are frustrated by the lack of transparency and a clear understanding of what happens with their personal information once it is collected.

1 in 3 employees don’t use VPN when working from home

A CISO MAG survey recently discovered that 70% of respondents use a VPN to securely log in to their company’s network and 30% do not. While the majority follow robust security precautions, those that don’t use a VPN risk compromising the security of the entire company network. If a hacker were to access just one employee’s endpoint and that device doesn’t have the proper security like a VPN, the hacker may gain access to your entire network.

It’s critical to evaluate and reconfigure infrastructure security at the endpoint for all employees, including partners, suppliers, contractors, and any other parties all the way through the supply chain. This may require vendor risk assessments and management, but in the end, by closing the gaps, you’ll secure your network with a robust VPN posture, even with employees working from home where you can’t guarantee they’re using a secure Wi-Fi network or ethernet.

Insider threats nearly doubled in two years

Insider threats are on the rise, according to the Ponemon Institute’s 2020 Cost of Insider Threats: Global Report. In just two years, threats caused by insiders rose 47% – from 3,200 in 2018 to 4,716 in 2020. Not only did the number of incidents increase, but so did the cost, and not just to accommodate for inflation. In 2018, the cost of a breach was $8.76 million, whereas in 2020, the cost grew to $11.45 million.

At an average of $307,111 per incident, insiders pose just as much risk to an organization’s data security as external attacks – in fact, a similar survey by Gurucul revealed that 65% of employees access documents unrelated to their job, and 40% abuse their privileged access in response to a negative performance review. On top of that, 58% of security professionals in the financial services industry admitted to emailing company documents to their personal accounts, which could indicate potential malice on the employee’s part.

Insider threats are one of the most significant reasons why user activity monitoring for cloud applications like Salesforce and Office 365 are critical to secure data and minimize risk.

India implementing new cybersecurity policy

As the most populous country in the world, India is a prime target for hackers looking to steal sensitive data from smartphones and internet-connected devices. More than half of India’s population is 25 years old or younger, which naturally means that more people are using (and therefore providing their personal information to) services and goods like mobile wallets, social media applications, etc. In fact, Symantec found that India is the second most frequent victim of cyberattacks, only after the United States and China.

The Indian IT Act of 2000 doesn’t fully protect residents from modern threats like phishing, SIM jacking, ransomware, mobile payment fraud, malware, social engineering, and DDoS attacks. As a result of the dated policy, the Indian government is planning to implement a new cybersecurity policy – the Personal Data Protection Bill – in 2020. This bill would regulate the processing of citizens’ data by the government as well as companies (both domestic and foreign).

“The bill is a ground-breaking step for the nation towards building the significant base of ‘trusted’ digital India. It will change the way privacy is perceived and practiced by various businesses. Global organizations based in India and/or providing services will be particularly impacted. Considering the data transfer mandates, as most global firms which process personal data of Indians store their data at remote locations will face challenges in terms of increased compliance costs.”

– Jaspreet Singh, Partner – Cyber Security, EY

Data breaches negatively impact employees’ work-life balance

Data breaches are an unfortunate reality in our modern, digitally connected world. Billions of people worldwide have had their data leaked, and breaches continue to increase, along with the costs. But the costs are not always financial. A recent Kaspersky study found that a company’s data breaches severely impact its employees’ personal lives outside of work. Humans are the victims of every cyber-attack – case in point, 30% of employees affected by a security incident missed an important personal event, 32% had to work overnight, and 33% suffered additional stressors as an indirect or direct result of the incident. More than a quarter of respondents reported canceling vacations due to fallout from their organization’s data breach(es).

Kaspersky offers advice for minimizing the impact of a security incident:

  • Be transparent with your employees during a crisis
  • Before an incident occurs, create a plan for IT to follow during a crisis
  • In the event of a breach, focus on investigation and remediation, not pointing fingers
  • Even a security breach can be seen as a learning opportunity; use an incident to train employees and improve security measures for the future
  • Foster a corporate culture of data privacy and cybersecurity
  • Have media responses and corporate-approved messaging prepared to address the public in the event of a cyberattack

The #1 brand for phishing attacks: Apple

According to a recent study, hackers’ favorite brand for phishing attacks is Apple. The “Brand Phishing Report” revealed that Apple iOS users accounted for a full 10% of phishing attempts, followed by  Netflix (9%), Yahoo (6%), WhatsApp (6%), PayPal (5%), and Chase (5%), among others. The report posits that the reason why Apple is the primary target for attacks is that hackers want to exploit the brand’s recognition by creating a fake website that mimics the brand’s official site. On the fraudulent website, the user is prompted to enter their credentials, provide payment details, or otherwise share sensitive, personal information. According to the report, the most targeted sectors for brand phishing attacks are technology, banking, and media.

“Cybercriminals continue to exploit users by adopting highly sophisticated phishing attempts via emails, web and mobile applications purporting to be from well-recognized brands which they know will be in high demand at the moment, whether that’s a high profile product launch or just generally tapping into behavioral changes we’ve seen during the Coronavirus pandemic. Phishing will continue to be a growing threat in the coming months, especially as criminals continue to exploit the fears and needs of people using essential services from their homes.”

– Maya Horowitz, Director of Threat Intelligence & Research, Check Point