Why Data Breaches Take So Long to Detect — And How You Can Protect Yourself



Whenever we hear the news of what seems like yet another major data breach, the inevitable questions come up: How does this happen? What does this mean for my bank account? And, undoubtedly, why did it take so long for them to figure this out?

To the average consumer, it seems like a data breach should be easy to spot. Some might even imagine alarms, sirens, flashing lights — something dramatic to indicate that data is flying out the door unexpectedly. The truth is, though, that data breaches are generally much quieter, often happening right under security teams' noses for days, weeks, even months before attracting notice. The result? Customers who shopped in particular stores as many as six months earlier could be affected by a breach.

Not all data breaches are the same, and the means of discovery isn't always the same. In some cases, such as the recent Home Depot breach, the problem is revealed when the stolen information surfaces on the black market or somewhere else it shouldn't be. Sometimes, an eagle-eyed security pro spots an anomaly and decides to investigate. Sometimes, a third-party audit leads to the discovery of the breach. Because detecting a breach is an inexact science, it can take some time to spot a problem.

The human element of data breach detection is not the only reason that breaches take so long to find. Several other factors make it hard to find and close them.

Sophisticated Criminals
Cyber criminals who launch attacks designed to steal information aren’t generally amateur hackers fooling around in their parents’ basements. High-level criminals are intelligent, sophisticated, and well-funded — and skilled at exploiting any type of security lapse they can. Many data breaches start with zero-day exploits, which are essentially undiscovered security loopholes. When a hacker finds the loophole before the company’s security team does, he or she will use it to inject malware or find another way to access the network. Once they gain access to what they want, they cover their tracks — and create more openings to ensure future access. How do they cover their tracks? In most cases, by making the information they are stealing appear to be regular network traffic. For example, they may disguise the data they are stealing as a Microsoft Word or Excel file, which probably won’t raise any eyebrows as it’s transmitted over the corporate network. As long as the exploits go undetected as well, the criminals can continue stealing information.
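For security teams, one inexpensive check on the disguise described above is to confirm that a file named like a Word or Excel document really has that format's container structure. The sketch below is an added example, not code from this article; the function names and the sample files are constructed for illustration.

```python
import io
import zipfile

# Constructed check, not from the article: does a file named like a Word/Excel
# document actually have that format's container structure?
OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")        # legacy .doc / .xls
OOXML_MARKER = {".docx": b"wordprocessingml", ".xlsx": b"spreadsheetml"}

def check_office_file(name, data):
    """Return 'ok', 'skipped', or a 'mismatch: ...' reason for triage."""
    ext = "." + name.rsplit(".", 1)[-1].lower() if "." in name else ""
    if ext in (".doc", ".xls"):
        return "ok" if data.startswith(OLE2_MAGIC) else "mismatch: not an OLE2 container"
    if ext not in OOXML_MARKER:
        return "skipped"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            content_types = zf.read("[Content_Types].xml")
    except zipfile.BadZipFile:
        return "mismatch: not a ZIP package"
    except KeyError:
        return "mismatch: ZIP without [Content_Types].xml"
    if OOXML_MARKER[ext] not in content_types:
        return "mismatch: content types do not describe a " + ext + " file"
    return "ok"

def make_zip(files):
    """Build an in-memory ZIP from {member name: bytes} (sample data only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member, body in files.items():
            zf.writestr(member, body)
    return buf.getvalue()

# Constructed samples: one plausible .docx skeleton and three impostors.
DOCX_TYPES = (b'<Types><Override PartName="/word/document.xml" ContentType="'
              b'application/vnd.openxmlformats-officedocument.'
              b'wordprocessingml.document.main+xml"/></Types>')
SAMPLES = {
    "report.docx": make_zip({"[Content_Types].xml": DOCX_TYPES,
                             "word/document.xml": b"<w:document/>"}),
    "budget.xlsx": make_zip({"export.csv": b"id,name\n1,alice\n"}),
    "notes.docx": b"id,name\n1,alice\n",
    "q3.xls": b"PK\x03\x04 not really a spreadsheet",
}

def scan(samples=SAMPLES):
    return {name: check_office_file(name, data) for name, data in samples.items()}

if __name__ == "__main__":
    for name, verdict in scan().items():
        print(f"{name:12} {verdict}")
```

A mismatch is a reason to look closer, not proof of theft, and a file that passes still needs the usual review of how much data is leaving and where it is going.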

A False Sense of Security
Many businesses do not take necessary precautions to protect their networks because they erroneously believe that they have nothing of value to a hacker. However, if your business is a vendor to a larger business, you could be a target of hackers. The major breach of Target, for example, was traced back to an air conditioning vendor, which was hacked and then used as a means to access Target’s systems. In fact, many businesses that experience cyber attacks aren’t actually the intended victims, which only underscores the importance of strong network security with real-time protection that uses the latest data to block zero-day exploits and other suspicious behavior.

Big Data
While real-time monitoring and advanced threat protection are important, the sheer number of attacks that the average corporate network receives each day makes it difficult, if not impossible, to accurately investigate and verify every single alert in a timely manner. The best security programs do an admirable job of blocking and containing threats, but in some cases, a manual review of logs or traffic patterns is necessary to identify a breach. For that reason, it can take a few weeks or months to confirm the problem.

Protecting Yourself
Because the process of identifying and closing breaches is not perfect, and it can take time, consumers need to protect themselves and learn to identify the signs of a potential breach. At minimum, you should:

Carefully review your statements regularly to spot any unusual activity. Criminals often make a series of small purchases to test that a card works before stealing larger amounts.

Use cash. If possible, make purchases with cash instead of debit cards, or use credit cards, which have higher levels of fraud protection.

Limit the amount of information you share.

If you own a business, make network security a priority. Use the most advanced protection systems, and educate employees on how to protect data.
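The statement review recommended above can be partly automated. This added example (not from the article) scans an exported statement for the pattern the first tip describes: a series of small charges followed by a larger one. The thresholds, the statement layout and the merchant names are assumptions made up for the sketch.

```python
from datetime import datetime, timedelta
from decimal import Decimal

# Thresholds are assumptions for this sketch, not figures from the article.
SMALL = Decimal("5.00")        # a "test" charge is at most this amount
MIN_RUN = 3                    # small charges needed to call it a series
WINDOW = timedelta(hours=48)   # the series and the follow-up must fit in this

# Constructed statement lines: timestamp, merchant, amount.
STATEMENT = """\
2024-03-01T09:12 GROCERY-MART 54.20
2024-03-03T18:40 COFFEE-STOP 4.10
2024-03-09T02:01 WEBSHOP-A 1.00
2024-03-09T02:03 WEBSHOP-B 1.49
2024-03-09T02:07 WEBSHOP-C 0.99
2024-03-09T11:30 ELECTRONICS-X 899.00
2024-03-12T08:15 COFFEE-STOP 4.10
"""

def parse(text):
    """Turn statement text into (datetime, merchant, Decimal) rows, oldest first."""
    rows = []
    for line in text.splitlines():
        when, merchant, amount = line.split()
        rows.append((datetime.fromisoformat(when), merchant, Decimal(amount)))
    return sorted(rows)

def find_card_testing(rows):
    """Return (small_run, follow_up) pairs: MIN_RUN or more small charges at
    different merchants, then a larger charge, all inside WINDOW."""
    hits, run = [], []
    for row in rows:
        when, _, amount = row
        # Forget small charges that are too old to belong to this series.
        run = [r for r in run if when - r[0] <= WINDOW]
        if amount <= SMALL:
            run.append(row)
            continue
        merchants = {m for _, m, _ in run}
        if len(run) >= MIN_RUN and len(merchants) >= MIN_RUN:
            hits.append((run, row))
        run = []                   # a larger purchase ends the series
    return hits

if __name__ == "__main__":
    for small_run, big in find_card_testing(parse(STATEMENT)):
        print("check with your bank:", [m for _, m, _ in small_run], "then", big[1], big[2])
```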

As long as information is stored in databases and shared over networks, there will be people trying to protect it — and even more people trying to steal it. The next time you hear about a breach, though, don’t be surprised if it started several months before the announcement.

11 Comments

  1. This is something that scares me a lot these days. It's as if it's so easy for someone to steal private info from one another and I know people whose identities were stolen. It's a mess to deal with. To those who're dealing with potential identity thieves, please read this article.

    1. I think about this every day. Get scared when I see my emails read. It's pretty weird!

  2. The reason why so many hackers take so long is because they like to take small sums here and there from big accounts, at least that's what I hear. I figure if it's someone robbing from a person with a small amount, they'll take small sums gradually every time they're paid so as to not make it look like anything was stolen. This is a real problem these days and I doubt it'll ever be stopped. The only thing we can do is monitor our accounts often and make sure no one has stolen any money off of our accounts.

    1. Yes, this is true that we can only monitor our accounts, other than that, hackers are good at what they do.

  3. My mother's identity was stolen in the past and it was undetected, and who knows how long it took the person to do it, but that's the thing, we probably will never know. People work in such mysterious ways and it really is sad that people stoop to such a level as to steal from others like this. The sad truth is that no one's private info is safe, and the only way to keep it safe is to be observant and to keep an eye on every single thing.

    1. There is just no limit to how far one would go. Protecting your things, and data is good, but some people can be obsessive about it - which isn't good either.

  4. Data breaches are a big risk sometimes these days. I myself am very protective of my private info. I make sure not to share any personal info online or anywhere else. But still, I know people whose identity was stolen and they didn't even use computers during those days, so one's identity isn't safe even if you aren't using devices.

    1. How interesting! Identity theft without computers? That must have been from mailings and other places where your friends went.

  5. The sad truth is that so many hackers are out there, willing to steal from those of us who try to live a good life. I've been close to getting my identity stolen before, from people using my credit card, to sending me bills in the mail for stuff I don't even use and so on. It can be fought, but it takes a keen eye to see what is going on. Monitor your life, as much as possible.

    1. Data breach is happening every day and all the time. Sometimes we don't know until it's too late! How long one has been watching or collecting information, we would never know.

  6. That's the thing about data breaches, these hackers take their time to cultivate one's info and when they have enough, they go to town with it and steal all one is worth. Some just want identities to use. My way of protecting myself is to simply follow everything I do, keep updated on my pay and check to see if there's anything going on with my private info. As long as everything is good, I'm good.
