By Randy Reiter, CEO of Don’t Be Breached

There were many massive Data Breaches in 2022. Don’t be a member of this group in 2023. Data breaches are occurring now on almost a daily basis. They result in confidential data such as credit card numbers, email addresses, passwords, social security numbers and other private personnel or organization data being exposed.

Since this data is always maintained in centralized databases, these databases are high-profile targets for Hackers and Rogue Insiders. Experian has reported that 31% of data breach victims have their identity later stolen.

Largest Data Breaches in 2022 

  • November 7, 2022. Medibank, the largest health insurance provider in Australia, was publicly threatened by an unidentified Hacker. The Hacker claimed to have stolen the data on 9.7 million customers. Medibank confirmed that 500,000 health claims had been stolen in the data breach.
  • September 19, 2022. Kiwi Farms forum was hacked. Emails, IP addresses and passwords were stolen. The Hacker obtained the administrator credentials to the website via session hijacking.
  • September 16, 2022. American Airlines disclosed a data breach that had occurred in July of 2022. Approximately 1,700 employees' and customers' data was exposed in the breach as a result of a phishing attack.
  • September 15, 2022. Uber’s private Slack channel was breached by the Lapsus$ group, which has successfully compromised companies such as Microsoft, Nvidia and Samsung. The Hackers gained full access to Uber’s internal databases and source code. They were able to successfully get past Uber’s multi-factor authentication.
  • September 12, 2022. U-Haul informed customers of a data breach that included customer names and drivers licenses. The Hackers gained access to rental contracts from November 2021 to April 2022.
  • July 19, 2022. Hacker posted data for sale on 69 million Neopets. Stolen data included date of birth, email address, name, zip code and much more. Other Hackers in the past have also accessed Neopets databases.
  • June, 2022. Flagstar Bank in Michigan was breached. The social security numbers of 1.5 million customers were stolen. The attack occurred in December 2021 and was discovered in June 2022.
  • April, 2022. Block (formerly Square) disclosed their Cash App was breached by a former employee. Brokerage numbers, customer names, portfolio value, stock trading info and other data was stolen.
  • March, 2022. Okta, an authentication company, was breached. Approximately 2.5% of their customers' data was exposed. Hackers gained access via a 3rd-party customer support provider.
  • February, 2022. GiveSendGo, a Christian fundraising website, was hacked. The personal details on 90,000 people were posted by the hackers.

Conventional approaches to cyber security may NOT prevent Data Exfiltration and Data Breaches. In 2020 the DHS, Department of State, U.S. Marine Corps and the Missile Defense Agency recognized this and all issued requests for proposals (RFP) for network full packet data capture for Deep Packet Inspection analysis of network traffic. This is an important step forward in protecting confidential database data and organization information.

Zero-day vulnerabilities that allow hackers to gain system privileges are a major threat to all organizations' encrypted and unencrypted confidential data. Confidential data includes: credit card, tax ID, medical, social media, corporate, manufacturing, trade secrets, law enforcement, defense, homeland security, power grid and public utility data. This confidential data is almost always stored in DB2, Informix, MariaDB, Microsoft SQL Server, MySQL, Oracle, PostgreSQL and SAP Sybase databases.

How to Stop Data Exfiltration and Data Breaches with Deep Packet Inspection

Protecting encrypted and unencrypted confidential database data is much more than securing databases, operating systems, applications and the network perimeter against Hackers, Rogue Insiders, Government-backed Hacking Teams and Supply Chain Attacks.

Non-intrusive network sniffing technology can perform a real-time Deep Packet Inspection of 100% of the database activity from a network tap or proxy server with no impact on the database servers. The database SQL activity is very predictable. Database servers servicing 1,000 to 10,000 end-users typically process daily 2,000 to 10,000 unique queries or SQL commands that run millions of times a day. Deep Packet Analysis does not require logging into the monitored networks, servers or databases. This approach can provide CISOs with what they can rarely achieve: total visibility into the database activity 24×7 and 100% protection of confidential database data.

Advanced SQL Behavioral Analysis from Deep Packet Inspection Prevents Data Breaches

Advanced SQL Behavioral Analysis of 100% of the real-time database SQL packets can learn what the normal database activity is. Now the database query and SQL activity can be non-intrusively monitored in real-time with Deep Packet Inspection and non-normal SQL activity immediately pinpointed. This approach is inexpensive to set up and has a low cost of operation. Now non-normal database activity from Hackers, Rogue Insiders and Supply Chain Attacks can be detected in a few milliseconds. The Security Team can be immediately notified and the Hacker session terminated so that confidential database data is not stolen, ransomed or sold on the Dark Web.
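The learn-then-flag idea described above, sketched as an added example (not the author's product code): it assumes the SQL text has already been reassembled from captured packets, and the `SqlBaseline` class, `fingerprint` function, table names and statements are all constructed for illustration.

```python
import re
from collections import Counter

# Normalisation rules, applied in order: literals first, whitespace last.
RULES = [
    (re.compile(r"'(?:[^']|'')*'"), "?"),                # string literals
    (re.compile(r"\b\d+(?:\.\d+)?\b"), "?"),             # numeric literals
    (re.compile(r"\(\s*\?(?:\s*,\s*\?)+\s*\)"), "(?)"),  # IN (?, ?, ?) lists
    (re.compile(r"\s+"), " "),                           # whitespace runs
]

def fingerprint(sql: str) -> str:
    """Reduce a statement to its shape so every execution shares one key."""
    out = sql.strip().rstrip(";")
    for pattern, repl in RULES:
        out = pattern.sub(repl, out)
    return out.strip().lower()

class SqlBaseline:
    def __init__(self):
        self.seen = Counter()  # fingerprint -> times observed while learning
    def learn(self, statements):
        for stmt in statements:
            self.seen[fingerprint(stmt)] += 1
    def check(self, statements):
        """Return fingerprints of statements whose shape is not in the baseline."""
        shapes = [fingerprint(s) for s in statements]
        return [fp for fp in shapes if fp not in self.seen]

# Constructed sample traffic (not real captures).
TRAINING = [
    "SELECT name, email FROM customers WHERE id = 1001",
    "select name,  email from customers where id = 88;",
    "UPDATE orders SET status = 'shipped' WHERE order_id = 5512",
    "UPDATE orders SET status = 'cancelled' WHERE order_id = 5513",
    "SELECT sku FROM items WHERE sku IN (10, 11, 12)",
]
LIVE = [
    "SELECT name, email FROM customers WHERE id = 31337",
    "SELECT name, email, ssn, card_number FROM customers",
    "SELECT sku FROM items WHERE sku IN (4, 8)",
]

if __name__ == "__main__":
    baseline = SqlBaseline()
    baseline.learn(TRAINING)
    for shape in baseline.check(LIVE):
        print("ALERT unseen SQL shape:", shape)
```

An unseen shape is a candidate for review rather than proof of compromise, and the baseline is only as trustworthy as the traffic it was learned from.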

About the Author

Randy Reiter is the CEO of Don’t Be Breached, a Sql Power Tools company. He is the architect of the Database Cyber Security Guard product, a database Data Breach prevention product for DB2, Informix, MariaDB, Microsoft SQL Server, MySQL, Oracle, PostgreSQL, and SAP Sybase databases. He has a Master’s Degree in Computer Science and has worked extensively over the past 25 years with real-time network sniffing and database security. Randy can be reached online at rreiter@DontBeBreached.com, www.DontBeBreached.com and www.SqlPower.com/Cyber-Attacks.

Source: www.cyberdefensemagazine.com