Users are improving and strengthening their authentication due to the increased risks of cyber attacks. Nowadays, relying on usernames and passwords to secure crucial information is like leaving the house just by closing the door and not even locking it.
With the advent of technology and the increased number of attacks, information is easy to obtain. For instance, attackers can obtain usernames and passwords from phishing attacks or buy stolen data containing passwords from a third-party seller. So, there are numerous possibilities of how bad actors can access the accounts.
Hence, it is the best time to implement 2-factor authentication, where users have to bypass two channels of authentication to access their accounts. This might be time-consuming, but it is essential for the safety of the data. Google has claimed that adding a recovery phone number to your Google account blocks upto 100% of automated bots, 99% of bulk phishing attacks, and 66% of targeted attacks.
Let’s understand the importance of strong authentication practices with the recent incident.
Real-Life Story: How Lack of Robust Authentication Can Be the Reason That Begins a Cyberattack?
This is a recent incident in which Change Healthcare, a subsidiary of global health company UnitedHealth, became a victim of a cyber attack. Rick Pollack, president and CEO of the American Hospital Association, stated that it was the most significant incident of its kind against the US healthcare system in history.
Change Healthcare is one of the biggest health payment processing companies in the world. The recent attack disrupted operations and put at risk the survival of countless healthcare providers due to delays in patient care, settlement, and reimbursement. Doctor offices and hospitals were struggling due to cashflow problems, hindering patients’ access to healthcare services.
Here’s what happened. Change Healthcare became aware of the ransomware deployment in their computer systems on 21 February 2024 and immediately implemented the risk mitigation plan into action. They also disconnected the networks and turned off the systems, making the operations totally offline.
A week later, ALPHV/Blackcat Ransomware Group claimed responsibility for the attack and mentioned that 4-6TB of data, including personal information, insurance records, payment details, and other sensitive data, was stolen.
The attackers somehow gained unauthorized access to Change Healthcare’s network. The hackers deployed ransomware and encrypted the data. According to security researchers, the victim company paid a ransom of a whopping $22 million through Bitcoin. The group pulled out an exit scam, meaning they took the money and run.
UnifiedHealth group confirmed that protected health information was exposed. This breach is assumed to have exposed the data of one out of every three Americans, and the full scale of the breach has yet to be evaluated.
Upon investigation, it was found that the attack occurred because ChangeHealthcare wasn’t using MFA (multi-factor authentication). Due to the absence of improper authentication methods, the healthcare and personal data of a substantial portion of Americans were taken.
The Need for Secure Authentication Practices
The recent example clearly explains why every institution or organization should implement secure authentication protocols to avoid such massive cyber attacks due to simple security gaps. Nowadays, stolen password data is easily available, and brute-force attacks make it easy to overcome the barrier of usernames and passwords to access accounts.
Organizations require another layer of authentication barrier to ensure the right person is accessing their account. This is what 2-factor authentication (2FA) or multi-factor authentication (MFA) is all about. Once the user enters the password, they are required to use a second factor to complete the authentication process. This second factor can be anything, like a one-time password received on a phone or email, entering personal information which only the user knows, location factor, or biometrics.
According to a report, the use of 2FA increased by 51% from 2017 to 2021. 2FA can mitigate risks associated with stolen passwords, phishing attempts, brute-force attacks, keylogging, and social engineering.
However, the reality is different. The DCMS Cyber Security Breach Survey 2022 reports that only 1 in 3 organizations have implemented two-factor authentication.
How is Personal Data Connected to Online Services?
Whenever a user visits a website or application on the Internet, they leave a digital footprint that reflects their identity. This footprint could entail basic details like name, email address, or phone number and other data related to the user, such as browsing history, location data, and others.
The websites can even track previously visited websites, search terms, previously clicked-on links, items added to the shopping cart, and detailed purchase information, like the shoe size, shipping address, and credit card details.
Now, companies use various methods, like website tracking through cookies, forms filled by users, and purchase records to build data profiles. This information is stored in a centralized database, where anyone (with appropriate access controls) from any department, whether finance, customer service, or marketing, can utilize it.
However, with the increasing interconnection between systems, data flow has become seamless. For instance, you must have heard of Single Sign On, where you can create an account on a specific website using your social media credentials, like Google or Facebook.
If you notice it carefully, it notifies you that your Google profile will be shared with the respective website. Hence, even though you didn’t provide any information to the specific website, it still has access to your personal information entered on your Google account through Single Sign On.
Similarly, third-party APIs are used by online services to pull data from other platforms. For instance, if you visit a retail store website that also has physical outlets, you might find a Google Maps API at the bottom of the website so you can easily search for outlets near your address.
Now, Google Maps API collects data like the user’s location (if shared), IP address, and interaction with the map to improve its services. However, the website that has embedded the Google Maps API will also store this data.
Another common way is through a data broker. A data broker can be a person or a firm that collects personal user data from the Internet and sells it to a company. Data Brokers collect data in numerous ways, such as third-party companies (when you open a website and give permission to share your consumer data), public profiles, and many others.
Your data is being collected and used. However, it is your responsibility to protect it so that it cannot be used in the wrong way.
How to Protect Your Data From the Unknown Eyes?
It is impossible to know who is using your data and in what ways they are using it. Hence, it is important to remain updated about all the new data security practices to keep your data protected. Here are some steps that you can take to protect your data:
Utilize Encryption.
Implement SSL (Secure Socket Layers) Certificate.
Use Strong Authentication Mechanisms.
Keep the Software Updated.
Manage Data Consents.
In What Ways the Collected Data Can Be Used?
Most organizations and companies use data to increase their audience base and learn more about consumer behavior. Data can also be used to provide customized content and ads that match your recent search, improve user experience, and shape business strategies.
However, things go wrong when the collected data is used for cyber attacks. For instance, your personal data, such as name, email address, phone number, and others, can be used to impersonate your identity and apply for a loan or credit card on your behalf.
There are also DeepFake AI frauds, in which the original image of a victim can be modified and manipulated using AI tools, creating an image or video intended to harm the victim’s reputation online or using that image for wrong purposes.
Hence, it is critical to understand what we are sharing and with whom. A rule of thumb is that if you have inspected the website yourself and found it safe, then only proceed to share your information with them. Cross-verify everything before responding to any email or request on the Internet.
The Bottom Line,
Whether you are a business in the retail or healthcare industry, you hold the personal information of many users that could create havoc in their lives if it is leaked. These attacks not only affect your reputation and break the trust of your customers, but they might also land you in a swamp of legal and compliance issues.
That’s why partnering with CelerityX is essential. Stay updated on cybersecurity practices and implement the industry-best protocols to secure your IT infrastructure. CelerityX can help you conduct frequent audits to identify and close gaps that might be the key to accessing your entire network.
