Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Data Security Lessons from Recent Anti-Virus Companies’ Breaches

Ironically, even anti-virus companies aren’t immune to breaches. Just recently, it was found that three major US cybersecurity companies were hacked by an international cybercrime group that calls itself Fxmsp.
 
The Fxmsp breach 
Last April, a high-profile Russian and English-speaking hacking collective called Fxmsp attacked three top anti-virus companies in the United States. The company extracted sensitive source code from the companies’ anti-virus software, security plugins, and AI technology, and is offering to sell the source code, as well as access to the networks, for over $300,000.
 
The breach continues to be investigated by the FBI, and the victims haven’t yet been officially identified. A report by Bleeping Computer provides us with some clues, suggesting that the victims are McAfee, Symantec, and Trend Micro.

This isn’t the first time anti-virus companies have been hacked. In 2012, it was found that hackers breached the Symantec network six years earlier, stealing Norton security’s source code. In 2015, both Kaspersky and Bitdefender were attacked. All three companies claim that the hacks had no significant impact, but the attacks nonetheless reveal that no one is immune to attacks, and that even the experts need to work to keep up with ever-evolving attack strategies. 

Being smart about your data: The Fxmsp breach’s biggest lesson
Now, four years later, the Fxmsp hack is another attack on major anti-virus companies. There’s a lot we still don’t know about these breaches, but what we do know is that hoards of sensitive data have been compromised.

The lesson we’ve learned, in addition to the fact that these cybersecurity companies might need to take a closer look at their own security, is that more data makes companies more vulnerable. 

Personal information about customers is a valuable target for hackers that want to extort cybersecurity companies or sell that data on the grey market. That means if cybersecurity companies didn’t collect all this personal information to begin with, they wouldn’t be such vulnerable targets, and the repercussions of attacks would be far less severe.

Cybersecurity companies need to cut down on the questions they ask their customers and on the amount of data they collect, both for their customers’ sakes and their own. While the victims in this particular case didn’t collect such personal details as driver’s license and social security numbers, CSO reports that the breached records did include details like marital status, income, and race. 

It’s dubious whether the collection of such personal data was actually necessary for the company to fulfil its business needs. A responsible cybersecurity company isn’t one that collects data indiscriminately just because they can; on the contrary, it’s one that minimizes their customers’ vulnerability to exposure by collecting only the data they really need.

In an era of customer-focused business and tight data protection regulation, the most successful cybersecurity companies - in addition to the least vulnerable - will be those that promise not only to protect their customers’ data, but also to collect as little data as possible in the first place. 

Moving forward: How to strengthen your own data security
 
Companies should have a reliable anti-virus program in place, but they shouldn’t rely on that alone. A breach as disastrous as this serves as a valuable lesson for the steps companies must take to strengthen their data security strategy. Here are five ways companies can improve their data security:
 
1. Have a strong anti-virus program
The most basic element for preventing attacks is to have a strong anti-virus program. Look for anti-virus software that have high malware detection rates and that are relatively easy for employees to use and understand.
 
2. Secure the entire network
Companies should constantly examine their network perimeters to monitor any externally exposed data. This includes evaluating the extent to which mobile and IoT devices connect to the company network, monitoring cloud servers, incorporating two-factor authentication, and embedding security programs within the devices themselves.
 
3. Make employee training a priority
The Fxmsp breach could have been caused, in part, by spear-phishing emails. Teaching employees how to properly respond to phishing and other types of threats is a critical part of securing your company.
 
4. Vet your partners

Any time you contract a third party company - whether for their vending solution, marketing platform, or more - you need to first come to a clear understanding about how that company will be using your data. You should also make sure that the third party organization has robust security protocols in place so that your data will be safe with them.
 
5. Set aside time for “fire drills”
As we know from fire drills, simulating a disaster prepares us for responding in a real emergency. By simulating attacks, companies can find their weak links, strengthen their security systems, and develop a protocol for responding to breaches. 


Joseph Chukwube is an Entrepreneur, Digital Marketer, and Tech enthusiast. He's the Founder and CEO at Digitage, a digital marketing agency that specializes in content marketing and SEO to help businesses improve their online visibility.


What’s Hot on Infosecurity Magazine?