4 Times a Security Breach Was Narrowly Avoided
Introduction
We’ve all heard of prominent companies who have been a victim of a data breach. Little to no attention, however, is given to organizations that narrowly avoided security-shaking catastrophe through good judgement, quick thinking or just plain luck.
This article covers four instances where a security breach was narrowly avoided and what helped prevent the disaster from happening. Read on, and you can learn from their (almost-) mistakes and quick thinking!
Two year's worth of NIST-aligned training
Deliver a comprehensive security awareness program using this series' 1- or 2-year program plans.
1. City of Las Vegas
Officials from the city of Las Vegas revealed that their systems were targeted with a sophisticated cyberattack during the 2020 Consumer Electronics Show (CES). This forced the local government to shut down many of its online services. Fortunately, an employee working in the city’s IT department was able to identify the threat in the early hours of January 8th, 2020 and prevent the systems from being breached.
According to Las Vegas Review-Journal, city spokesman David Riggleman said that officials have been proactive in protecting its IT network. On average, the city experiences 279,000 data breach attacks on a monthly basis. However, swift action by its IT staff helped the city avoid what had the potential to cause severe damage. The data systems were also shortly restored to normal function.
2. Ukraine election
In 2014, Ukraine’s Central Election Commission narrowly escaped a breach when hackers from the pro-Russian CyberBerkut group infected its computers and attacked files critical to vote-counting. Twenty-hour hours later, government officials announced that the system had been restored from backups and everything can go on as scheduled. However, shortly before the election results were destined to air on television, cyber experts working for the government detected and removed a virus secretly placed on the Election Commission’s PCs.
Had the Ukrainian government experts failed to remove the virus or restore the lost data from the backup, it would have distorted the results of the election and caused unrest across the Donetsk region, undermining the reputation of the new government. Thankfully, the incident response and cybersecurity measures taken by the security experts came in handy and Ukraine’s vote was declared as a genuine election by international observers.
3. TeamSupport
TeamSupport’s CEO received three emails from a teamsupport.com email account, which seemed like a phishing attack. Tickets from customers in the company’s support queue revealed they had also received the same emails. The company went through its account activity logs for Gmail and saw that a Gmail account had been accessed from Lagos, Nigeria. No one from the firm had visited that place recently.
The company later determined that hackers had used a phishing email to target one of TeamSupport’s employees. Once the hacker was successful, they were able to access the compromised Gmail account and delete all of the contacts. This dampened the company’s ability to determine where they had obtained customer emails from. They also used another email client to send messages and spoofed TeamSupport’s corporate ID.
Fortunately, someone from TeamSupport’s security team suggested recovering deleted contacts in the compromised account. Upon recovery, several contacts showed up that matched the list the company had created of customers who received the phishing email. The company sent an email to that list saying that one of its emails were hacked but no application data had been breached.
The response they received from customers (mostly B2B companies) was positive, putting an end to a stressful situation. This also likely helped the company escape a potential breach where the hackers could have used email spoofing to trick and lure customers into handing over their personal data.
4. Coinbase
Cryptocurrency exchange Coinbase was targeted by two zero-day bugs that would allow adversaries to gain remote access to a Firefox browser and run code on the victim’s machine. Hackers needed a second bug to let the first bug perform the exploit with the help of a malicious code. Before Mozilla released a patch, though, the hackers had executed the bugs, and had attempted to compromise Coinbase personnel so they could breach their security and steal cryptocurrency.
Fortunately, an external researcher and Coinbase itself noticed the attack before the network could be breached or any crypto could be stolen. According to an employee from Coinbase’s security team, the company was able to defend itself from the hack because of its security-first culture, well-practiced incident response playbooks and company-wide deployment of its detection and response program.
Coinbase also revoked all credentials on the targeted machines and locked every account owned by the affected employees. This helped them to degrade the hackers’ ability to continue their efforts and learn more about the attack.
Conclusion
Security breaches are becoming a day-to-day challenge for companies. Recent trends reveal a huge increase in phishing and network-based attacks while suggesting that most businesses have poor cybersecurity practices in place. In 2019, it took companies an average of 206 days to identify a data breach.
To successfully avoid data breaches, it’s imperative that companies make security awareness a part of their culture and build infrastructure with solid defensive posture. Only then will it be possible for them to defend themselves and their customers.
See Infosec IQ in action
Sources
- Las Vegas city officials assessing impact after cyber attack, Las Vegas Review-Journal
- Cybersecurity of Voting Machines, Brookings
- Lessons Learned from (almost) Getting Hacked, TeamSupport
- Responding to Firefox 0-days in the wild, The Coinbase Blog
- How long does it take to detect a cyber attack?, IT Governance
In this Series
- 4 Times a Security Breach Was Narrowly Avoided
- Tax scam season: How to protect your data from common scams in 2024
- Security awareness for kids: Tips for safe internet use
- Celebrate Data Privacy Week: Free privacy and security awareness resources
- Consumer data, who owns it and who protects it?
- Human error is responsible for 74% of data breaches
- What is a social engineering attack?
- Biggest cybersecurity mistakes by large organizations
- 4 common social media scams (and how to avoid them)
- From theory to practice: Designing a successful security awareness training program
- Understanding cyberattacks: Types, risks and prevention strategies
- Securing digital frontiers: The importance of information and IT security awareness training
- Optimizing your corporate security awareness training: Strategies and techniques
- What is security awareness: Definition, history and types
- Top 10 security awareness training topics for your employees in 2023 and beyond
- AI best practices: How to securely use tools like ChatGPT
- Connecting a malicious thumb drive: An undetectable cyberattack
- 5 ways to prevent APT ransomware attacks
- 4 mistakes every higher ed IT leader should avoid when building a cybersecurity awareness program
- ISO 27001 security awareness training: How to achieve compliance
- Run your security awareness program like a marketer with these campaign kits
- Deepfake phishing: Can you trust that call from the CEO?
- Fake shopping stores: A real and dangerous threat
- 10 best security awareness training vendors in 2022
- How to hack two-factor authentication: Which type is most secure?
- Malicious push notifications: Is that a real or fake Windows Defender update?
- Free Cybersecurity and Infrastructure Security Agency (CISA) ransomware resources to help reduce your risk
- How IIE moved mountains to build a culture of cybersecurity
- At Johnson County Government, success starts with engaging employees
- How to transform compliance training into a catalyst for behavior change
- Specialty Steel Works turns cyber skills into life skills
- The other sextortion: Data breach extortion and how to spot it
- Texas HB 3834: Security awareness training requirements for state employees
- SOCs spend nearly a quarter of their time on email security
- Security awareness manager: Is it the career for you?
- Risks of preinstalled smartphone malware in a BYOD environment
- The ROI of security awareness training
- 5 reasons to implement a self-doxxing program at your organization
- What is a security champion? Definition, necessity and employee empowerment [Updated 2021]
- Excel 4.0 malicious macro exploits: What you need to know
- Worst passwords of the decade: A historical analysis
- ID for Facebook, Twitter and other sites? Not so fast, says security expert
- 3 surprising ways your password could be hacked
- Fake online shopping websites: 6 ways to identify a fraudulent shopping website
- All about carding (for noobs only) [updated 2021]
- Password security: Complexity vs. length [updated 2021]
- What senior citizens need to know about security awareness
- 55 federal and state regulations that require employee security awareness and training
- Brand impersonation attacks targeting SMB organizations
- How to avoid getting locked out of your own account with multi-factor authentication
- Breached passwords: The most frequently used and compromised passwords of the year
We’ll customize our demo to your
- Security awareness goals
- Existing security and employee training tools
- Industry and compliance requirements
Security awareness
Tax scam season: How to protect your data from common scams in 2024
Security awareness
Security awareness
Celebrate Data Privacy Week: Free privacy and security awareness resources
Security awareness