How Do Data Breaches Occur? | CrowdPoint Technologies

A data breach occurs when a data source is compromised and confidential information is extracted.

This is done in a variety of ways, including accessing a computer or network to steal local files or through bypassing network security remotely. While most data breaches are attributed to hacking or malware attacks, other breach methods include: insider leaks, payment card fraud, loss, or theft of a physical hard drive of files and human error. 

In summary, over 97% of breaches require a network to infiltrate in and exfiltrate your data.  These breaches all have a common element: people. Human error is frequently the common element in many breaches, and accounts for greater than 50% percent of the root causes of security breaches.  Common errors include: 

  • Using a weak password 
  • Sending sensitive information to the wrong recipients
  • Social engineering and phishing
  • Misconfiguration of network and storage devices
  • Failure to plan for a Denial of Service (DOS) attack
  • Insider threat
  • Physical theft
  • Sharing password/account information

Many human errors can be prevented by making sure employees know their basic data security measures. However, the combination of human error, technology, and the vulnerabilities that are created between the two are also described below.

Conventional Wisdom

Conventional wisdom has a lot of ideas on how to protect ourselves while looking for ways to increase the education pipeline of future cyber privacy and technology experts. Unfortunately, these conventional approaches aren't working.

We know that conventional thinking can lead to doing the same thing repeatedly and expecting different results. To protect our privacy and thwart would be attackers, we must thing unconventionally.

Scott McNealy was unconventional when he describes the interconnected world,

"When computers (people) are networked, their power multiplies geometrically. Not only can people share all that information inside their machines, but they can reach out and instantly tap the power of other machines (people), essentially making the entire network their computer."

He understood the power of people, software, and hardware technologies working together when they are interconnected by a network.  After all,  software is a set of instructions, data, or programs used to operate computers and execute specific tasks. System software includes operating systems like windows, mac, iOS, or android.

Software

__SoftwareUnfortunately, the networking of people, software, and networks allowed those who develop software to get around the DNA of the software. 

Think of software as "goodware". It is essential to understand that  the genetic code of good ware can have gaps.

So maybe a better word for "goodware" is "gapware".

 

"Gapware"

__GapwareSometimes the "gapware" has mistakes that unintentionally create an unnecessary drain on the computer or device it is installed on.

It can also cause latency in network connectivity. 

For years, software developers endeavor to build software that will automate tasks and do good.  While software should be a kind of "goodware," unfortunately it is "gapware".  

When writing code, developers can inadvertently make a mistake that creates a vulnerability.  Vulnerabilities leave gaps that can be exploited. When developers rely on code that was created by another developer, they inherit the mistakes and gaps that the original developer created. In response, these mistakes have been classified as exploits. These exploits are sorted into hundreds of Common Vulnerabilities and Exposures (CVEs) to be identified for future reference.

However, many of these security vulnerabilities go unfixed for long periods of time. For example, according to a study by Verizon

“99.9% of the exploited vulnerabilities had been compromised more than a year after the associated CVE was published.”

Leaving these old security vulnerabilities unfixed gives hackers a free pass to your company’s most sensitive information.

Even worse, the "gapware" may be a useless installation on the device.

Enterprise companies, small businesses, and consumers are all common targets.

Bloatware

__Bloatware

Useless software is often called bloatware.  Bloatware will slow create latency in requests and computing and that will slow down your device and your internet connection. 

Too often internet service providers are blamed for slowing connection speed, when in fact it is bloatware that might be the culprit.

 

 

Two common types of harmful software and viruses are Adware and Spyware. 

Adware

__Adware Adware is not always malicious in nature, however, its aggressive advertising code will undermine your security. 

It does this just to deliver you ads.

Adware is the loud mouth of the internet. 

Not only does it slow your internet experience, but it creates gaps for other malware to have a way in. 

It is the gateway malicious code that invites and notifies hackers that you have an opening on your device.

Spyware

__SpywareSpyware works like adware but is usually a separate program that is installed unknowingly. 

Spyware hides in the background and records you online activities, including: passwords, credit card numbers, search history, and more.

Malware

__MalwareMalware is malicious software. This software is written with the intent of damaging devices, stealing data, and generally causing a mess.

Malicious software is a term that describes any program or code that harmfully probes systems.

The malware is designed to harm your computer or software and commonly masquerades as a warning against harmful software.

The “warning” attempts to convince users to download varying types of software, and while it does not damage the physical hardware of systems, it can steal, encrypt, or hijack computer functions.

Malware can penetrate your computer when you are navigating compromised websites, downloading infected files, or opening emails from a device that lacks anti-malware security.

Trojan software

__Spyware

Trojan software is a malware disguised as legitimate software or is hidden in genuine software that has been tampered with.

It creates backdoors in your security to let other malware in.

 

Ransomware

__RansomwareRansomware is a type of malware that locks down your computer and files, and threatens to erase everything unless you pay a ransom.

 

 

 

Anti-virus Software

__Antivirus-softwareAnti-virus software is designed to prevent, detect, and remove malicious software. 

Anti-virus and firewalls are list-based solutions; this means they rely on a list that contain only known threats and potential variants. 

Depending on your version of anti-virus software, efficacy can range from 0 to 65% .

Today conventional thinking is behind anti-virus Software

Unconventional thinking is required to protect against online threats.

As Albert Einstein said, "We cannot solve our problems with the same thinking we used when we created them."

NoWare™

__NowareNow that software, bloatware, adware, spyware, malware, and ransomware have been covered, it is time to think about something new.

CrowdPoint has built NoWare™.

Our cyber privacy technology services creates an environment where viruses and NoWare™ can not co-exist.

This AI technology not only inoculates your devices from viruses, it also automates computer repair. Our AI teaches the computer to conduct its own self-repair to return the PC to better than out of the box brand new performance.

The leadership team of CrowdPoint comes from many different backgrounds, the U.S. Army, technology companies, direct sales, affiliate marketing, the insurance industry, and healthcare. The combination of unique experiences has created the world's first cyber privacy and technology provider. CrowdPoint is raising an army to win the global war on privacy by thinking differently.

Our army of brokers, agents, technicians, and customers are unified in their efforts through the CrowdPoint App that is available for iOS and Android.