Mar 07 2024
Off
Imagine, for a second, that you’re an extremely well-known individual with personal connections to millions of people around the world. All of these people trust you so much that they write down their personally identifiable information (PII) on a sheet of paper and hand it to you for safekeeping. You keep everything on you at all times to make sure that the wrong people aren’t seeing the information that was entrusted to you. There’s a problem though: everyone knows that you have this information. They don’t know what the information is, but they know that you have it – and they want it. Knowing this, would you invest in some sort of protection to thwart off any would-be attackers?

 

Now, unless you’re Mike Tyson or Muhammad Ali, you’re probably thinking “yes, I should probably hire a bodyguard, or two, or three”. If you weren’t able to keep that information safe, then no one would trust you again and all of a sudden your million-person network falls apart and you’re only well known for being careless and irresponsible. So, if you weren’t already thinking “yes” before, you definitely should be thinking it now. If this is necessary for an individual, then it is doubly so for businesses where this imaginary scenario is an actual reality.

Image depicting a connected network of computer devices

Just last year, the social network X (known as Twitter at the time) suffered a data breach that implicated over 200 million of its users. The email addresses tied to these users were shared in an online hacking forum. This compromises one of X’s key functions – to provide a safe platform for online activists that want to post anonymously from countries that crack down hard on political dissent. While that may not be X’s flagship or most advertised features, it definitely is one of its most critical from the perspective of making a difference in the world – and a data breach like this doesn’t exactly inspire confidence in would-be activists.

 

But X can survive something like that – some companies aren’t that lucky. In 2014, Code Spaces, a cloud-based code-hosting service that offers a suite of project management tools fell victim to a well orchestrated Distributed Disruption of Service (DDoS) attack against their central servers. Following this, a malicious actor was able to gain access to the company’s Amazon EC2 control panel. The devastating hack wiped away vast amounts of data, backups, machine configurations, and offsite backups, causing huge amounts of damage to Code Space’s credibility and financial standing, eventually leading to a complete shutdown.

 

Often, and understandably, companies dedicate the majority of their efforts to the development and maintenance of their flagship products and main sources of revenue. But, as we’ve just seen, all it takes is one catastrophic hack to undo years of hard work. To all company executives: invest in cybersecurity early, and do so intelligently. By the time a hacker sets their sights on you, it’s already too late.

 

References: Mashable, Threatpost

Posted inBlog Malware Security