It’s almost halfway through 2020 and a lot of businesses have already been hit with major cyber attacks. A significant one being the London-based banking software provider Finastra, which suffered a ransomware attack in the middle of March.
The attackers swiftly gained sensitive information, like employee passwords. They also created backdoors that allowed deeper access to the network. Fortunately, the company’s cybersecurity team was able to isolate and scrub infected servers before the virus did further damage to the system.
However, this cleaning process required days worth of outages for its services that handled retail banking and mortgage lending. This is a major loss for the company, as Finastra serves about 90 per cent of the world’s top 100 banks.
It’s these types of issues that businesses can’t afford to make. As such, it’s important to learn from them to ensure your team doesn’t make the same mistake.
Last year saw a lot of major breaches and attacks. Here are the most significant ones and their corresponding lessons:
Facebook’s Massive Data Leaks
One of the earliest attacks in 2019 was when an unprotected server exposed over 146 gigabytes of user data. An app that linked to Facebook also exposed user IDs, photos, location check-ins and even unencrypted passwords from its database.
The latest instance was in late November, when the company accidentally provided third-party Android applications with its users’ personal data. Another platform, Twitter, also suffered the same problem. Both of them removed and blacklisted the software developer kits responsible for the leaks.
There’s a lot to learn about Facebook’s data leak blunders. But the most important one would be to vet your third-party applications and programs properly. Your productivity suite, data analysis software nd cloud storage provider all house sensitive business and customer data. So only use ones with excellent cybersecurity track records.
The Canva Hack
Canva is a design tool that lets users create posters, presentations, flyers and other visual content. It gained popularity because its base version is free. Plus, you don’t need to download gigabytes of software to start creating graphics. It’s also the victim of a major cyberattack in May last year.
It stated that the data of over 140 million users were stolen. These included location data, emails and customer names. Although user passwords were also taken, they’re encrypted using the latest and best methods. As such, even veteran hackers won’t be able to crack them. However, users were still encouraged to change their passwords as a precaution.
Canva must have had a robust vulnerability assessment routine, but it wasn’t enough to identify and stop an attack before it happened. However, the company’s encryption practices should be followed. Modern methods, like SHA-1, MD5 and bcrypt are all great tools to use to keep your employees’ and customers’ passwords safe from cybercriminals.
Cyber attacks on businesses can cost thousands of dollars in reputation damage, operational disruption and data recovery. A single attack can close down small to medium enterprises. As such, it’s best to learn from the cybersecurity mistakes and best practice of different companies.