Mega breaches: What’s behind the headlines?

Nowadays, barely a day goes by without an organisation getting hacked. In this age of ‘big data’, cyber criminals can compromise almost any type of personal information. As technology continues to evolve, so do the number of routes of entry for criminals to gain access to sensitive information. These attacks are also increasing due to more businesses using the cloud, adopting Bring-Your-Own-Device (BYOD) and other connected objects.

Why do attacks happen?

More often than not, hacks are conducted with criminal intent. Hackers are on the look-out for what will benefit them – financially or otherwise. The cyber crime landscape is always changing and organisations can find it difficult to stay ahead. There are a number of forms hacks and cyber-attacks can take, including:

  • State-sponsored attacks/cyber espionage: Considered by many to be the new form of inter-state spying. This is usually to uncover state secrets or areas of interest that may be useful to the country carrying out the attack
  • Insider threats: Insider threats are attacks carried out – both accidentally and maliciously – by those within an organisation. The risk of insider threats is on the rise, with 64 percent of security professionals saying insider threats occurred more frequently in 2015 (Insider Threat Report 2015, Computer Weekly)
  • External attacks: On a basic level, these are attacks by anyone outside of an organisation. However, beyond that the reasons behind external attacks can differ greatly – state-sponsored attacks are an example. More usually, external hackers are simply cyber-criminals out for personal financial gain.

Our paper, ‘Mega Breaches: Behind the headlines’, examines the rise in mega breaches, why they happens and examines some of the most highly publicised mega breaches of the past couple of years. The paper also explores what steps organisations can take to mitigate the risk and protect sensitive data.