Marriott Data Breach and What Customers Should Do to Protect Themselves
Marriott on Friday reported a data breach affecting the information of 500 million of its Starwood customers. The stolen information includes names, phone numbers, email addresses, passport numbers and, in some cases, credit card numbers and expiry dates. While the company is still working on damage control for the second-biggest breach in history (after Yahoo’s data breach), here is what consumers can do to protect themselves:
- Look out for any suspicious activity on your bank account. Continuously monitor all activity and immediately report any unauthorised transactions.
- Limit the information you share with a company. A travel company may ask for your passport number, but customers can also provide a different form of identification. Avoid saving credit card details on untrusted websites.
- Reset any reused passwords associated with your Starwood account. Select strong passwords that are difficult to predict and consider using a password manager.
- Look out for updates from Marriott, but be aware of phishing emails trying to take advantage of the news relating to the breach.
Privasec's COO, Karan Khosla, Interviewed by ICE71
Privasec is really proud to be a part of ICE71, Singapore's first cybersecurity startup hub, aimed at growing Singapore's cybersecurity ecosystem. Privasec’s COO, Karan Khosla, shared his thoughts on hacking and data breaches in a recent interview with ICE71. Here are some key takeaways from his interview:
- It is not a question of IF but WHEN a company will be hacked.
- Preparation is key. Many companies are now realising the value of incident response war room training - walking through an incident to practice what to do and being prepared for security incidents.
- Individuals need to become better prepared and start protecting themselves from data breaches. Keeping systems up to date and using strong passwords is critical.
Dealing with a Data Breach
The 2019 Threat Report produced by Sophos provides an in-depth analysis of key cyber-attack trends. Here are some key highlights:
- Prepare for ransomware attacks: The report analyses ransomware attacks (e.g. WannaCry, Dharma and SamSam) and argues that the worst manual ransomware attacks started when “the attacker discovered that an administrator had opened a hole in the firewall for a Windows computer’s remote desktop”. Using multi-factor authentication (MFA) and limiting the use of domain admin credentials to dedicated machine(s) are effective tools to prevent ransomware. We also suggest developing an incident response plan (IRP), testing it, and training the staff who need to know about it.
- Attacks via IoT devices: There has been significant growth in the number of attacks targeting IoT devices. Simple measures such as changing the default passwords to prevent reinfection are key, as attacks targeting IoT devices are not slowing down.
- Practise the fundamentals: The report emphasises the importance of returning to the basics. This includes using a password manager and multi-factor authentication where available. Do not store passwords in plain text. Be mindful of clicking on unknown links or opening unknown files or messages. Be careful of what you store in "the cloud".
Cost of a Data Breach
IBM sponsored the 13th annual Cost of a Data Breach Study, the industry’s gold-standard benchmark research, which was independently conducted by Ponemon Institute. The infographic depicts some of the key findings.
Importance of Application Whitelisting Strategy for Businesses
Application whitelisting is the practice of specifying an index of approved software applications that are permitted to run on a computer system. The Australian Cyber Security Centre (the Australian Government’s lead on national cyber security) categorises application whitelisting as one of the eight essential cyber risk mitigation strategies.
Having an application whitelisting strategy is crucial for any organisation. The goal of whitelisting is to protect computers and networks from potentially harmful applications by not allowing attackers to place their own executables on the system or replace known good executables with compromised ones. Because untrusted applications are never allowed to execute, application whitelisting also prevents zero-day attacks that rely on running them.
Thus, having the right application whitelisting tool in place is key to preventing non-trusted applications from running. Some well-known commercial whitelisting solutions include Airlock Digital, McAfee and Digital Guardian. AppLocker, Gatekeeper and Logstash are some of the free tools available for application whitelisting.
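To illustrate the goal described above (blocking both newly placed executables and known good executables that have been replaced), the following added example compares a path-only allow rule with a SHA-256 hash rule. It is not taken from this newsletter or from any of the products named; the function names, file names and file contents are constructed for the illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Hash the file contents; the hash identifies one exact approved build."""
    return hashlib.sha256(path.read_bytes()).hexdigest()


def build_allowlist(approved: list[Path]) -> dict[str, str]:
    """Record path -> SHA-256 for every approved executable."""
    return {str(p): sha256_of(p) for p in approved}


def path_rule_allows(path: Path, allowlist: dict[str, str]) -> bool:
    """Weak rule: trusts anything stored at an approved path."""
    return str(path) in allowlist


def hash_rule_allows(path: Path, allowlist: dict[str, str]) -> bool:
    """Stronger rule: the file content must match an approved hash."""
    return sha256_of(path) in set(allowlist.values())


def demo() -> dict[str, tuple[bool, bool]]:
    """Return {case: (path_rule, hash_rule)} for three constructed files."""
    with tempfile.TemporaryDirectory() as d:
        tool = Path(d) / "backup_tool"        # constructed stand-in for an approved binary
        tool.write_bytes(b"approved build 1.0")
        allowlist = build_allowlist([tool])
        results = {"approved": (path_rule_allows(tool, allowlist),
                                hash_rule_allows(tool, allowlist))}

        dropped = Path(d) / "dropped_tool"    # executable that was never approved
        dropped.write_bytes(b"unapproved program")
        results["dropped"] = (path_rule_allows(dropped, allowlist),
                              hash_rule_allows(dropped, allowlist))

        tool.write_bytes(b"tampered build")   # known good file replaced in place
        results["replaced"] = (path_rule_allows(tool, allowlist),
                               hash_rule_allows(tool, allowlist))
        return results


if __name__ == "__main__":
    for case, (by_path, by_hash) in demo().items():
        print(f"{case:9} path rule: {by_path!s:5} hash rule: {by_hash}")
```

Both rules block the unapproved file, but only the hash rule blocks the replaced one, which is why path-based rules need to be limited to locations that standard users cannot write to.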