Security breaches are rampant today, negatively impacting organizations and users across the globe on a daily basis. Identifying the underlying events and incidents that cause these breaches not only helps us understand how they occur, it also provides valuable insights for countering this growing threat.
Verizon’s investigative report into the leading causes of security breaches revealed that 62% of data breaches resulted from hacking, and that 81% of those breaches leveraged stolen, weak, or default passwords. Social attacks accounted for 43% of attacks, and 51% of data breaches involved some form of credential-stealing malware, with human error causing 28% of the data breaches investigated.
Common Causes of Security Breaches
A cursory analysis of these statistics shows that human error is the weakest link in the chain, even when it comes to risks like password attacks and social engineering. These are four of the most common scenarios where an inadvertent mistake can lead to some far-reaching ramifications.
Poor Password Practices
Compromised passwords obtained via credential harvesting are a leading cause of data breaches. Obtaining user credentials is the easiest way to gain access to a system, so it stands to reason that attackers will take this path of least resistance.
Weak or default passwords are low-hanging fruit for attackers. The tendency to choose convenience over security is a long-identified consumer trait, and even vendors are guilty of it. Recent studies have shown that over 50% of IoT device manufacturers will struggle to address security threats that result from the weak authentication practices they’ve used in the past.
Password reuse is another common risk, and a common symptom in organizations that enforce password complexity policies. The more complex passwords users are forced to remember for multiple applications, the more likely they are to reuse a single complex password. This puts the organization at risk of a credential stuffing attack: 73% of passwords are duplicates, according to the TeleSign 2016 Consumer Account Security Report.
Password spraying also takes advantage of the humans in the security chain. In essence, this type of attack involves brute-forcing authentication with a small list of commonly used passwords. Think 123456 or password, which (surprisingly) still top the list of the most frequently used passwords.
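As an added example (not part of the original article), the sketch below shows how a defender might flag the spraying pattern in authentication logs: one source failing against many accounts with only a few guesses per account. The event format, the thresholds, and the sample data are constructed assumptions for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample events: (timestamp, source IP, username, outcome).
# IPs come from the RFC 5737 documentation ranges.
SAMPLE_EVENTS = (
    # One source, six accounts, one guess each: the spraying pattern.
    [(f"2024-01-01T09:0{i}:00", "203.0.113.7", u, "FAIL")
     for i, u in enumerate(["alice", "bob", "carol", "dave", "erin", "frank"])]
    + [("2024-01-01T09:07:00", "203.0.113.7", "grace", "SUCCESS")]
    # One source hammering a single account: brute force, not spraying.
    + [(f"2024-01-01T10:0{i}:00", "198.51.100.9", "alice", "FAIL") for i in range(8)]
    # An ordinary typo followed by a good login.
    + [("2024-01-01T11:00:00", "192.0.2.10", "bob", "FAIL"),
       ("2024-01-01T11:00:20", "192.0.2.10", "bob", "SUCCESS")]
)

def detect_spraying(events, window=timedelta(minutes=30), min_users=5, max_per_user=2):
    """Return {source: {"targets": [...], "succeeded": [...]}} for sources whose
    failures span many accounts with few guesses per account inside `window`.
    The thresholds are hypothetical defaults and need tuning per environment."""
    fails, wins = defaultdict(list), defaultdict(set)
    for ts, src, user, outcome in events:
        if outcome == "FAIL":
            fails[src].append((datetime.fromisoformat(ts), user))
        elif outcome == "SUCCESS":
            wins[src].add(user)
    findings = {}
    for src, attempts in fails.items():
        attempts.sort()
        start, targets = 0, set()
        for end in range(len(attempts)):
            # Slide the window so it never spans more than `window` of time.
            while attempts[end][0] - attempts[start][0] > window:
                start += 1
            per_user = Counter(user for _, user in attempts[start:end + 1])
            if len(per_user) >= min_users and max(per_user.values()) <= max_per_user:
                targets |= set(per_user)
        if targets:
            # A success from a spraying source marks a likely compromised account.
            findings[src] = {"targets": sorted(targets), "succeeded": sorted(wins[src])}
    return findings

if __name__ == "__main__":
    for src, info in detect_spraying(SAMPLE_EVENTS).items():
        print(src, info)
```

Any account listed under `succeeded` for a flagged source is a candidate for an immediate password reset and session revocation.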
Basic human error is responsible for over one quarter of all security breaches. Examples of this include employees leaving laptops or other mobile devices in vulnerable locations where they can easily be stolen and employees inadvertently emailing sensitive information to unauthorized third parties.
Another example of simple human error resulting in a serious security breach is when someone misconfigures an application or database, which can mistakenly expose sensitive information online. For example, this was the case when sensitive information was stored in an unsecured Amazon S3 bucket.
Process and Technology Errors
A chain is only as strong as its weakest link and in security the chain is made up of people, processes, and technology. Failures in basic security processes such as poor patch management can cause security breaches. Like passwords, unpatched systems are prime targets for attackers as the effort involved in successfully breaching the system is very low.
Technology is not perfect, and it too can fail from time to time, resulting in exposed data or a compromised system. For example, a software update could introduce a vulnerability such as an SQL injection flaw, which may give attackers the opening they’re looking for.
How to Protect Your Organization from a Security Breach
When implemented and managed correctly, basic security hygiene processes (such as basic patch management) can mitigate many breaches attributed to hacking. Making security regression testing an integral part of any deployment process can help prevent technology failures that could lead to a security breach, and encrypting data on mobile devices can help prevent a breach involving a lost or stolen device.
And while many organizations believe passwords are critical for valid and secure authentication, they remain the Achilles’ heel of secure authentication practices. To mitigate the real threat of a security breach caused by weak passwords, organizations should consider strengthening their authentication with an adaptive multi-factor authentication solution that provides further defense with contextual awareness. This not only protects against weak passwords, but also provides an additional layer of protection and visibility for IT teams in an ever-growing threat landscape.