New Cyber Threat: Data Exfiltration
Download MP3When it comes to cyber security, things like ransomware or hacking might not be the most common or dangerous threat anymore. The new most common type of hack is what's called data exfiltration. This is something that your company should be very worried about because it's worse than a ransomware attack.
When a ransomware attack happens, the hacker gets into your system and locks down your data. It scrambles or encrypts your data and says, "Look, if you pay as a ransom, we will unencrypt or unlock your data." And that's a little bit easier of a problem to solve because you could pay to unlock it, or sometimes you can just disconnect your computers from the internet and hire some expert to unlock it locally. Well, exfiltration is different.
Exfiltration is when they download all your data, exfiltrate it from your server, and then delete or wipe your server. So now they have all your information. You can't restore it on your own, and sometimes they don't even ask you for ransom. They just sell it to somebody else—your competitor—on the black market, on the dark web. And it might be more valuable just to sell it than any ransom you pay. Even if you pay a ransom, now they have a copy of it, so they can do whatever they want with it. So, data exfiltration is much more dangerous than a hack or a ransomware attack.
Is this something you want to be protected from? Well, you can buy certain types of cyber liability insurance. Some of it covers these types of attacks, some don't. Make sure that when you're looking at your policy that you're going to purchase for cyber liability insurance, if you do want to be covered for data exfiltration, that you specifically make sure that's part of your coverage. Because cyber liability policies are not standard policies, in most cases, they're what's called excess and surplus lines. Every policy is going to be different, and it might be different for different companies based on your threat profile.
So, be aware of data exfiltration as a cyber attack vector on your server, and make sure that if you have good cyber defense built in, that you have a tripwire that if you see large amounts of data being downloaded from your system, that it'll notify somebody or just shut down the connection to make sure you're not a victim of this new type of hack against corporate clients.
