Sage Advice - Cybersecurity Blog

The popular tax preparation software TurboTax recently announced that an unauthorized party had accessed an undisclosed number of its clients’ accounts. But it wasn’t because they had suffered a data breach. Instead they were victims of a credential stuffing attack – a cyberattack that continues to gain popularity. 

If you’ve been the victim of identity theft, you’re not alone. In the past five years, we’ve seen healthcare data breaches grow in both size and frequency, with the largest breaches impacting as many as 80 million people. One in four US consumers had their healthcare data stolen in 2017, and 50% of breaches resulted in medical identity theft. Victims paid an average of $2,500 out-of-pocket costs per incident (Accenture).

If we look back at some of the recent cybersecurity headlines, it’s clear to see that it’s been a year full of ransomware and cover-ups. We saw a significant uptick in the maturity and sophistication of attacks. Not only was more data stolen than ever before, the biggest hacks we’ve ever experienced occurred. It short, it was a banner year for hackers.  

When threat hunting, you must first understand the adversaries you’re facing. While their techniques may be very similar, what motivates them can be very different. Understanding these motivations can provide you with a better understanding of where and when a cyber attacker may strike or when an unwitting accomplice takes measures that present undue risk to the organization.

As the number of successful cyber-attacks continues to soar, it's time to take a proactive stance to detect them. You can’t simply sit back and wait for an automated alert to let you know you’ve been breached. You need to actively seek out potentially malicious behavior on your network. Hunting down indicators of attack, so you can detect and contain an incident as quickly as possible.

News that a fundamental security flaw impacting nearly every computer chip manufactured in last 20 years began spreading in the early days of 2018. Two variants – named Spectre and Meltdown – were identified. While their mechanisms are slightly different, both variants exploit a chipset hardware vulnerability allowing rogue programs to read protected memory. That means that attackers can obtain secret information from memory – previously considered completely protected – including passwords and encryption keys.

Information security professionals can hardly be blamed if they’re ambivalent about digital disruption and digital transformation. On one hand, they’re getting traction with disruptive security technologies, whose automated, real-time capabilities help transform the security function. On the other, they’re facing mounting cybersecurity challenges as their organizations leverage IoT, AI, social tools, and mobility to become more efficient, effective, and engaging, said Don Anderson, a presenter at Tyler’s 2017 CyberCrime Symposium.

In 2012, when Sean Sweeney became CISO for a large university, info-security strategies focused on preventing breaches. At that time, “CISO stood for ‘chief information scapegoat officer,’” said Sweeney, a presenter at Tyler’s 2017 CyberCrime Symposium.  “It was my job to prevent every possible attack against the university 24x7x365. That’s an unwinnable job, right?”

Cybercrime’s a global pandemic, and no organization, large or small, is immune. When everyone’s at risk, everyone’s responsible. And how they handle this responsibility has global implications.

If there’s any good news, it’s that everyone’s in it together. By making “Think Global, Act Local” the theme of its 2017 Cybercrime Symposium, Tyler Cybersecurity issued a call to action. Every organization’s charged with investing in the right people, training, technologies, and services to protect themselves, while striving to be an asset to a global community where collaboration’s critical.

The Equifax data breach is the worst corporate data breach to date, impacting more than 140 million people. The cybercriminals struck gold when they exploited a known vulnerability, and gained access to a treasure trove of personal information, including names, social security numbers, dates of birth, addresses, and driver’s license numbers, along with credit card numbers from more than 200,000 people and dispute documents from more than 180,000 people. There are serious implications for this information getting out. Here are a few, and what you can do to protect yourself.