.png)
While countries are slowly opening back up after the global lockdown, many people are still staying indoors and working from their homes. Companies have changed how they operate; from recruiting remotely and meeting online, to introducing remote helpdesks. Formal matters have moved online too.
Some government offices have switched to web-based platforms, making them safer and more accessible to the public. Even though our work and life experiences may have changed during the pandemic, one thing that has not changed is the danger bad actors pose to us. With fewer options for in-person identity verification, their activities have become an even greater issue.
It’s easier for them than ever to file a loan application or benefits claim in someone’s name, without ever setting foot in a bank or government agency. In this article we zoom in on cybercriminal activity during the pandemic and on its key enabler – poorly secured personal information.
Exploitation of Unemployment Insurance Programs
Millions of people worldwide have lost their jobs due to the coronavirus recession, and labor offices have been flooded with unemployment claims. According to the US Service report, a crime ring has used the current situation to carry out a fraud operation on a massive scale.
The cybercriminals filed unemployment claims on behalf of people who had not been laid off by using personal information from black-market data dumps. Looking at the figures allows us to better understand the extent of the problem: more than 36 million people in the US have filed insurance unemployment claims, with billions of dollars delivered in payments, so fraud affecting even a fraction of these applications has massive real-world impact.
The ugly truth is that the consequences of data breaches do not end with a regulatory fine or short-term negative media attention. The real consequences can be long-lasting and are not always borne by the company whose data was stolen, but rather by the individuals whose data has been exposed. The enabled identity thefts can affect one’s credit score or benefit eligibility, or even get them into legal problems. To get a clearer idea of how data breaches affect the lives of their victims, we need to look at how cybercriminals monetize the stolen data, in what is known as data dumps.
What are Data Dumps?
Data dumps are archives containing confidential data – usually personal and financial information: names, addresses, contact details, login credentials, credit card, and social insurance numbers. Data dumps are created by cybercriminals out of data stolen from breached companies and sold on black market forums.
They are used by fraudsters who do not necessarily have the cyber skills to conduct the attacks themselves, but instead are proficient in running fraud operations powered by such data. Data dumps are a significant source of income in the cybercrime economy, with high-quality (i.e. recent and complete) dumps containing credit card information, fetching prices of around $20 apiece. Even if card information is not present, records can still be valuable – loan and benefit frauds can be conducted without it.
Data present in dumps can be hijacked in various parts of the victim’s infrastructure – while credit card information is typically skimmed from point-of-sale systems, other records may be stolen from centralized data and analytics solutions.
They’re a lucrative target as they typically contain significant volumes of information which may be inadequately protected due to a combination of factors: the systems are often complex, made up of various subcomponents, delivered over many years by different vendors, and need to interface with numerous other solutions both upstream and downstream. For this reason, it is especially important to consider security at every stage of an organization’s data & analytics journey – complexity makes it easy to get it wrong, and the consequences can be devastating.
How to Prevent Data Breaches?
It is important to stress that data breaches do not happen by chance. If a system’s security is not actively being managed, it is not a question of “if”, but “when” a data breach will happen. With thousands of new security vulnerabilities found every year, a proliferation of security testing tools and specialist knowledge, and a rapidly growing cybercrime economy; there is no shortage of potential attackers.
Given enough time, they will find a way to reach their target when the company least expects it. It is therefore vital to actively tackle this challenge by ensuring one’s data and analytics solutions are not only built right from the outset, but also regularly assessed and fixed to prevent breaches throughout their lifecycle.
At Lingaro, we have highly proficient security specialists on board who know how to spot and fix the weaknesses which the attackers use in real-world data breaches. We help global organizations discover and remediate data & analytics security risks in existing systems by conducting audits, penetration tests and red team exercises, as well as help deliver new solutions built with security in mind from the very start. This way, we enable our clients to enjoy the benefits of digital transformation with confidence and peace of mind.
