In today’s business landscape, cybersecurity is non-negotiable. The threat of cybercrime is a clear and present danger, and it’s getting more sophisticated every day.
The Electronic Arts (EA) data breach serves as a sobering reminder of the devastating consequences of neglecting cybersecurity.
In June 2021, 780GB of valuable data, including the source codes for popular games like FIFA and Battlefield, as well as EA’s proprietary Frostbite game engine, was stolen. This data was put up for sale for a staggering $28 million, leaving EA to deal with the aftermath of a catastrophic breach.
Don’t think that this couldn’t happen to your business. In fact, the EA breach could have been easily prevented. All the perpetrators did was spend $10 and use a bit of patience. They purchased authentication cookies from a dark web marketplace called Genesis, acquiring the login details of EA employees for multiple third-party apps. With this, they got access to credentials like Slack and Gmail.
Pretending to have lost their phone at a party, the criminals infiltrated EA’s IT support slack group. They were able to successfully request a multi-factor authentication token, granting them access to EA’s corporate network.
Failing to find buyers, the hackers made a desperate move. They threatened to publicly leak the data unless EA paid an undisclosed ransom. The hackers made good on their threat, releasing a cache of 1.3GB of FIFA source code on July 14th and the entire data two weeks later.
Garmin is another global brand that suffered a vicious cyber attack in July 2020. The ransomware program WastedLocker, believed to be created by the Russian hacking group Evil Corp, was the criminals’ tool of choice. The attack encrypted key data and demanded a ransom of $10 million. It is unclear if the ransom was paid, but the company claimed that customer data was unaffected.
Mapfre, a Spanish insurer, also suffered a massive ransomware attack that brought its systems to a slow crawl during a busy weekend in 2020. The malware entered the system as spam, but the company’s technology and cybersecurity teams worked tirelessly to repel the attack and protect customer information.
Here are three key steps that you can take to improve your security posture and increase cybersecurity awareness in your organization:
Implement a Zero Trust Policy
The first line of defense in protecting your sensitive information is to implement a zero-trust policy. This means verifying every piece of information, both inside and outside your network, before granting access. Adding this security layer will make it much harder for cybercriminals to get their hands on your valuable data.
Build a Security-Aware Culture
The second step is to build a security-aware culture in your organization. Making security a top priority will create an environment where sensitive information is treated with the utmost care and attention. Regular, real-time security training for your team is vital in understanding best practices for preventing the compromise of collaboration tools and other parts of your system.
Encourage Strong Password Hygiene
Finally, strong password hygiene is crucial to protecting your sensitive information. Encourage your team to change their passwords regularly and use complex combinations of letters, numbers, and symbols. This added layer of protection will go a long way in ensuring that your sensitive information stays out of the wrong hands.
All these data breaches serve as a chilling reminder of the consequences of neglecting cybersecurity.
Cyber crimes like ransomware attacks can happen to any company and often result from human error, such as clicking on a fake link. To prevent ransomware attacks, companies should train employees on essential cybersecurity, manage admin rights, backup data, keep everything up to date, and use a ransomware encryption protection solution.
By implementing a zero-trust policy, building a security-aware culture, and encouraging strong password hygiene, you can ensure that your business remains secure and your valuable data stays out of harm’s way.
Don’t wait for disaster to strike – secure your business today! Schedule a free demo with Zepo to assess your cybersecurity posture.