Scribd
Upload
64 views8 pages

Data Breaches

The document discusses a data breach at the Sacramento Bee in 2018 caused by a third party vendor. When the third party performed maintenance, their firewall went down and exposed voter registration and subscriber contact databases to the internet for two weeks. This highlighted the risks of using third party service providers, including lower security and lack of control. The document also provides an overview of ransomware, how it works, and solutions to protect against it such as backups, user education, and moving data to the cloud.

Uploaded by

api-413617976
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
64 views8 pages

Data Breaches

The document discusses a data breach at the Sacramento Bee in 2018 caused by a third party vendor. When the third party performed maintenance, their firewall went down and exposed voter registration and subscriber contact databases to the internet for two weeks. This highlighted the risks of using third party service providers, including lower security and lack of control. The document also provides an overview of ransomware, how it works, and solutions to protect against it such as backups, user education, and moving data to the cloud.

Uploaded by

api-413617976
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 8

Third Party Service Providers

DATA BREACHES & RANSOMWARE


• Sacramento Bee Data Breach 2018
• Risk of Third Party Service Providers
• Ransomware
• January 2018, The Sacramento Bee Newspaper had two databases on a third-party
computer server that were infected with ransomware, exposing voter registration data and
contact information of subscribers

• The information was compromised last month after the third party vendor performed routine
maintenance and the firewall did not come back online. With the firewall down, the
database was exposed to the public internet for about two weeks (Sacbee, 2018)

• ‘The Bee’ did not pay the ransom and deleted the databases
Risks of Third Party Service Providers
• Granting access to an outside party lowers your security level to that of the
provider or vice versa

• Damage to business/personal reputation

• No control over how TPSP’s operate

• Software they use could be vulnerable

• Complete access – Why bother with a firewall?


Solutions
• Conduct a full assessment – Tour facility, meets security standards, security policies set

• Low access to systems – Separated by internal network and firewalls

• Restrict access to specific time periods

• Enforce multifactor authentication – Unique credentials

• Prepare with incident response and disaster recovery plan – Test it


Ransomware
• First seen in Russia and Ukraine 2005

• Prevents or limits users from accessing files


until ransom is paid – if not, files are ‘deleted’

• Targets wide range of users, including


hospitals
Solutions
• Back-ups of back-ups of back-ups – Make them, regularly.
Don’t pay

• User education – Understanding how it is spread and how to


avoid

• Move to the cloud – Although keep in mind, TPSP’s

• YARA – Malware research and detection

• AppData/LocalAppData – Legitimate software can


execute from these locations
Sources
• The dangers of granting system access to a third-party provider. (n.d.). Retrieved from
http://searchsecurity.techtarget.com/tip/The-dangers-of-granting-system-access-to-a-third-party-provider

• How to Protect and Recover Your Business from Ransomware. (2017, May 15). Retrieved from
https://www.pcmag.com/article/345531/how-to-protect-and-recover-your-business-from-ransomware

• The Third Party Data Breach Problem. (2017, July 27). Retrieved from https://digitalguardian.com/blog/third-
party-data-breach-problem

• Voter, Bee databases hit with ransomware attack. (2018, February 7). Retrieved from
http://www.sacbee.com/news/politics-government/capitol-alert/article199008579.html

• Ransomware - Definition - Trend Micro USA. (n.d.). Retrieved from


https://www.trendmicro.com/vinfo/us/security/definition/ransomware

You might also like