In this 3-part blog series, we discuss how each of the 3 pillars, Cyber Threat, Data Leakage, and Reputational Damage, contributes to Digital Risk Management. In part 1, we discussed how understanding cyber threats requires a threat intelligence capability and consists of 4 main areas. In this next blog, we discuss the main areas that contribute to data leakage risks.
Leaked information can provide valuable clues for adversaries. Below are 6 main areas that contribute to data leakage risks.
1. Sensitive Code
Sensitive code and private encryption keys that are publicly available on code-sharing sites. This can allow attackers to better tailor their attacks to an organization.
2. Credential Compromise
Employee credentials are exposed in third-party breaches. These credentials are then used by attackers for account takeovers, spam lists, credential stuffing, spear-phishing and post-breach extortion.
Figure 1: A criminal forum discussing various configurations for SentryMBA, a credential stuffing tool
3. Private and Confidential Documents
Sensitively marked documents are inadvertently leaked out by partners and employees. As well as opening up organizations for corporate espionage, it also allows attackers to weaponize legitimate-looking documents and launch targeted attacks.
4. Intellectual Property
Intellectual property is freely available and shared online, inadvertently and by malicious actors. This can leave organizations vulnerable to corporate espionage. But if an organization is aware that a new design, for example, has been leaked early, they can get it removed and mitigate accordingly.
5. Social Media Over-Sharing
Employees reveal information about security procedures, software and hardware. This information can be used by attackers as they perform reconnaissance on an organization, seeking out specific software to exploit.
Figure 2: A company tweet that inadvertently shares the company wifi password
6. Personally Identifiable Information (PII)
Organizations and their supply chain may be inadvertently exposing customer PII. This information can have a compliance impact, given the recent EU General Data Protection Regulation (GDPR).
This information leaves organizations vulnerable to corporate espionage and competitive intelligence. Worse still, criminals and hostile groups can exploit this leaked data to find the organization’s weak points and launch targeted cyber-attacks. By monitoring for this leakage, organizations can gain an awareness of where they are exposed and remediate.
To learn more, check out our web page on digital risk management, or check out our 1 pager below.