4 Catastrophic IT Disasters & How to Prevent Them
Cyber-attacks have been happening since before the advent of the home computer. In spite of the ongoing development of programs designed to prevent data breaches, hackers still find ways to get around the defenses and wreak havoc by infecting systems and collecting proprietary data. Here are some examples of the biggest IT disasters that have occurred to date.
1. Theft of Financial Data
Breaching systems and harvesting financial data is one of the more common goals of cyber-attacks. In 2005, one of the payment processors utilized by MasterCard was breached. The result was the account information related to as many as 40 million accounts was compromised.
That was not the last time that credit card information was harvested. Visa and Mastercard suffered another major breach in 2012. Associated with a third party payment processor, it was estimated that in the range of 10 million accounts were impacted by the attack.
Department store credit cards are not immune from this type of attack. In 2013, the Target Corporation was the object of a cyber-attack that resulted in the collection of credit card data harvested from purchases using the Target store card as well as other cards accepted by the retailer. Estimates of how many cards were compromised vary, with the lowest being in the range of 40 million. Other estimates included figures as high as 110 million.
2. Email Attacks
In May 2000, many people showed up for work and found what appeared to be an innocuous email from a coworker or customer waiting for them. In fact, they were about to have an encounter with what is now referred to as the ILOVEYOU infection. Opening the email triggered a worm that infected various types of files housed on hard drives, captured information from address books, and began to send out the same email to everyone email address saved in that book.
Altogether, the efforts required to remove the worm and contain the damage is estimated to have cost somewhere between 5 and 9 billion dollars USD.
3. Theft of Medical Data
During 2014 and 2015, three health insurance providers were targets of data theft resulting from cyber-attacks. CareFirst, Premera Blue Cross, and Anthem experienced data breaches that left the medical data of 91 million clients exposed.
4. Organized Hacking
In recent years, groups such as Anonymous have undertaken hacking efforts aimed at specific organizations. Anonymous first came to prominence due to a 2008 attack on the servers operated by the Church of Scientology.
Since that time, the group has invested time on limiting the Internet presence of extremist groups like ISIS by hacking social networking accounts and flooding them with information that is in opposition to the goals of those groups. While the amount of damage done is difficult to determine, this particular form of hacking has attracted both positive and negative attention.
Even as newer and stronger security measures are developed, hackers find ways to circumvent those precautions. In the years to come, the cyber-attacks that seem so significant today may prove to only be a taste of what is yet to come.
STEPS FOR PREVENTION
1. Check the link before you click it. If you hover over a link it will show you the actual website it is leading to. If it looks familiar it is probably safe. If it looks like a dog’s breakfast of alpha-numeric mash maintain a healthy degree of skepticism.
2. Look at the file before you open it. Tools like VirusTotal should help.
3. Set strong passwords for your accounts. Even if some sites don’t make it mandatory to have a capital letter, punctuation notes and numbers, strongly consider using them in your passwords anyway. Tools like LastPass help you store all of your passwords - no matter how absurd they are, so you won’t need to worry about forgetting them.
4. Log out - no matter how inconvenient it feels.
5. Don’t answer emails asking you to update security information. These are the signatures of phishing schemes. If this happens and looks legit, call the company that supposedly sent it to you by Googling their website instead of the numbers provided in the email.
6. Don’t download files or images from questionable domains.
7. Use an antivirus software as well as a dedicated security solution against malware.