Data Broker Breaches – Insider Threats and More

Written by Hornetsecurity / 19.09.2024 /

You are currently viewing a placeholder content from Youtube. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.

More Information

You are currently viewing a placeholder content from Libsyn. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.

More Information

In this episode of the Security Swarm Podcast, host Andy Syrewicze and guest Eric Siron provide a comprehensive monthly threat review. They cover several major cybersecurity incidents and trends from the past month, including: 

  • The massive data breach at data broker National Public Data exposed over 2.9 billion personal information records. They discuss the risks of this breach, such as increased targeted phishing and social engineering attacks. 

  • A joint government agency warning about the Ransom Hub ransomware has impacted over 200 victims since February 2022, including critical infrastructure and high-profile organizations.

  • A case study of an IT administrator who held his employer’s systems for ransom by deploying logic bombs, highlighting the risks of insider threats even within trusted IT teams. 

They also touch on the topics of vendor risk management and the history of election tampering and provide recommendations for organizations to mitigate these threats. In conclusion, EP62 provides valuable insights into the ever-changing cybersecurity landscape and offers practical advice for security professionals.

Secure your organization against the evolving threat landscape! Discover how Hornetsecurity’s Advanced Threat Protection, Security Awareness Service, and 365 Total Protection can safeguard your business from data breaches, insider threats, and more. Learn more and protect your organization today!

Do you want to join the conversation? Join us in our Security Lab LinkedIn Group

Key Takeaways: 

  • The National Public Data breach exposed a vast amount of personal information, including names, email addresses, phone numbers, Social Security numbers, and more. This creates risks of more targeted phishing and social engineering attacks.

  • The continued use of easily abused identification methods like Social Security numbers underscores the urgent need to explore more secure alternatives, such as cryptographic key pairs. This is crucial in reducing the risks of identity theft. 

  • Insider threats from trusted IT staff members can pose a significant risk, as evidenced by the case of an IT admin holding their employer’s systems for ransom. Implementing practices like just-in-time administration and least-privilege access is crucial to mitigate these potentially devastating threats.

  • Overreliance on cloud-based services and a single vendor for critical business functions can lead to vendor risk and single points of failure.

  • Election security remains a significant concern, with the threat of interference and disinformation campaigns continuing. Ensuring robust cybersecurity measures at the state and local levels is crucial for protecting the integrity of elections.

Timestamps: 

(03:17) The National Public Data Breach 

(12:21) The Issues with Social Security Numbers 

(18:02) The Danger of Insider Threats 

(27:10) The Risks of Vendor Dependence 

(34:12) Recommendations for Protecting Against Threats 

Episode Resources: 

Security Lab LinkedIn Group – Security Lab LinkedIn Group 

September Monthly Threat Report – In-depth analyses from Hornetsecurity’s Security Lab 

Joint Government Agency Announcement on RansomHub – #StopRansomware: RansomHub Ransomware | CISA 

Security Swarm Passkeys Episode – Passkeys in Microsoft Entra: Benefits, Implementation Tips & More (hornetsecurity.com) 

Security Swarm Election Tampering Episode – How Threat Actors Tamper with Elections (hornetsecurity.com) 

You might also be interested in