Breach Guide

Learn the steps to take in the event of a data breach and stay current on the cyber threat landscape with the FTC’s Data Breach Resources, FBI’s Daily Digest Library and San Diego’s Cyber Incident Response Guide.

Federal Trade Commission (FTC) Data Breach Resources

Find out the steps to take as a business or consumer if you experience a data breach.


FBI Cyber Daily Digest Library

Stay current on the global threat landscape with the FBI’s daily circulation of published data breaches and articles.

  • 8 Resolutions For A More Secure And Rewarding New Year

    • For many, the coronavirus pandemic meant scrapping their carefully crafted strategic plans and focusing their security efforts and resources on adapting to the new normal. Business models—and the IT needed to support the business—changed overnight.
    • There’s no harm in setting some goals that will make your organization more secure; make your team feel more connected and engaged; and make you a smarter, more balanced security leader.
    - Ali Neal | November 23, 2020
  • Two Romanians Arrested for Running Malware Encryption Services

    • Allegedly the operators of the CyberSeal and Dataprotector crypting services, as well as of the Cyberscan service, the duo is said to have provided aid to more than 1,560 criminals.
    • The services, Europol says, were used for crypting a variety of malware types, including information stealers, Remote Access Trojans (RATs), and ransomware families.
    • The illegal services were being offered on underground portals, at prices ranging between $40 and $300, depending on license conditions. The two provided constant updates and support to their customers.
    - Ionut Arghire | November 23, 2020
  • It’s not just spies who want your data

    • Australia’s domestic intelligence agency, the Australian Security Intelligence Organisation, released a rare public statement last week aimed at raising awareness about the use of social media and professional networking services for espionage purposes.
    • ‘Think before you link’ focuses on foreign intelligence threats and rightly cautions Australians to be careful about revealing personal information on networking services.
    • Even though ASIO’s warning focuses on Australians being recruited or duped by professional spies, online targeting and the creation of fake profiles and inauthentic networks are not just the realm of highly resourced state-sponsored cyber operatives. The tools and techniques used are cheap, simple and widely accessible. It’s not difficult, or expensive, to create an online presence with a unique artificial intelligence-generated profile picture.
    • Data itself can be difficult to monetise, but deep insights into individuals derived from data are highly valuable. Data broking is believed to be a US$200 billion industry.
    - Jocelinn Kang | November 23, 2020
  • Manchester United forced to take systems offline following cyberattack

    • U.K. soccer club Manchester United has been forced to take some systems offline following a cyberattack.
    • Manchester United didn’t release details on what the attack involved, but The Sun today quoted an expert as saying the attack bears “hallmarks of Russian or Chinese hackers.” The fact that the attack came before a game is also claimed by the expert to suggest that “the intention was to cause chaos for the club.”
    • Without any details on the attack, suggesting it was Russian or Chinese hackers is pure speculation. It could have been North Korean or Iranian hackers as well. The four countries dominate the list of advanced persistent threat groups.
    • “These are a fast-growing trend in 2020 and organizations such as football clubs are a prime target as their systems hold the details of hundreds of thousands of people including fans, employees, players as well as sensitive business and payment data.”
    - Duncan Riley | November 22, 2020
  • World’s Dumbest Passwords Revealed: 200 Reasons To Use A Password Manager

    • More than half of the top 200 most common, and therefore dumbest, passwords were the same ones that appeared in the 2019 listing.
    • How dumb, you may be wondering? Well, 123456 remains the most commonly used password of 2020, yes really, appearing 2,543,285 times in the database analysis. (275,699,516 were analyzed)
    • Number four is the dumb 'password,' and 'senha' was just as bad, bringing up the rear of the top ten.
      • Five characters do not a smart password make. Nor does using the Portuguese word for a password, because that's what it means. Number 33 in the list of dumb passwords was unknown. No, literally, it was 'unknown.'
    • "Password managers, which can hold all our passwords securely, are the answer to this problem. Although many people think that putting all their passwords in one place on the cloud could make them vulnerable to attack, the opposite is in fact true. The clever use of two-factor authentication (2FA) and robust encryption is a far stronger mix than having to remember 100s of accounts, each with three random words."
    - Davey Winder | November 22, 2020
  • Cybersecurity: Dos and Don’ts and Legal Issues You Need to Understand

    • Data security breaches cause a lot of harm to an organization. Some of these harms may include:
      • Loss of trust of your consumers. When consumers stop trusting their competency and reliability, it will result in low sales.
      • The costs incurred as a result of cybersecurity will affect the overall cost of the business. The price will lead to regulatory fines, compensation payments, and business disruption costs, which will lead to the organization’s losses. 
    • To be safe from cyber-attacks, ensure you follow the above dos and don’ts. It is also advisable you understand the legal issues associated with cybersecurity and know how to avoid them.
    - Daniel Witman | November 19, 2020
  • Ransomware Attack Cripples Systems of Inland Port in Washington State

    • The Port of Kennewick, Washington reports that it is the latest target to suffer a crippling cyber-attack. The small port region far up the Columbia River and more than 180 miles southeast of the Port of Seattle demonstrates the indiscriminate nature of cybercrime.
    • The cyber-criminals placed an encryption lock on the port’s server and demanded $200,000 in ransom to restore access to the port’s servers and files.
    • The port, following the direction of the FBI and its technology professionals, has determined not to pay a ransom. “It would be using public funds and there is no guarantee an encryption key would be received after payment,” the port said in its statement.
    • They are rebuilding the port’s digital files from offline backups and working to restore the port’s email server, which is currently offline.
    - November 19, 2020
  • Data breaches bring more bad news for the travel and leisure industry

    • Leading online brands Expedia, Booking.com and Hotels.com have reportedly been the subject of a third-party cyberattack, which has led to potential breaches of booking information – including names, email addresses, telephone numbers and payment data.
    • Payment card data is likely to be considered the ultimate prize for hackers and it is imperative that businesses consider any areas of potential vulnerability in systems and processes to prevent these types of incidences from occurring.
    • Being able to prove that technology and strict protocols are in place also provides assurances to customers that organisations are taking the security of their personal data seriously, and will hopefully give consumers confidence on where they decide to take their spend.
    - Geoff Forsythe | November 19, 2020
  • Verizon Releases First Cyber-Espionage Report

    • The 2020 "Cyber Espionage Report" (CER) draws from seven years of Verizon "Data Breach Investigations Report" (DBIR) content and more than 14 years of the company's Threat Research Advisory Center (VTRAC) Cyber-Espionage data breach response expertise.
    • Key findings of the report are that for cyber-espionage breaches, 85% of actors were state affiliated, 8% were nation-state affiliated, and just 4% were linked with organized crime. Former employees made up 2% of actors.
    • The top compromised asset varieties in cyber-espionage breaches were desktop or laptop (88%), cell phone (14%), and web application (10%). For all breaches, the top asset varieties were web application (43%), desktop or laptop (31%), and email (21%).
    • "Because cyber-espionage is a difficult incident pattern to detect, the numbers may be much higher. The kinds of data stolen in Cyber-Espionage breaches (e.g., secrets, internal or classified) may not fall under the data types that trigger reporting requirements under many laws or regulatory requirements."
    - Sarah Coble | November 17, 2020
  • TicketMaster Slapped With $1.65 Million Fine Over 2018 Data Breach

    • In June 2018, Ticketmaster disclosed a data breach that apparently affected only 5% of customers. However, it was a serious breach since it affected both UK customers as well as international users.
    • As the investigations progressed, it became clear that Ticketmaster would have to face a fine according to the EU GDPR. This now looks true since the UK ICO has imposed a fine of £1.25 million ($1.65 million). According to the details, the breach affected 9.4 million customers across Europe, with 1.5 million belonging to the UK only.
    - Abeerah Hashim | November 17, 2020

San Diego Cyber Incident Response Guide

Learn more about San Diego’s region-wide cyber incident response guide and available local, state and federal resources.

San Diego Cyber Incident Response Guide October 2017