The Ashley Madison hack has resulted in a possible exposé of the biggest black book to name and shame in history. Given the sheer mess that Ashley Madison users are going to be tangled up in, it’s proving to be a tough case for the business to stay afloat in the market. If there is one glaring takeaway that we all should have from this, it is that organisations should prioritise security above all else.
Having said that, Trend Micro has put together a quick list together of a few notable companies who really need to have security at the front and centre of their game due to the nature of their business.
1) Discreet dating websites/services like Ashley Madison and Adult Friend Finder – Because who would want to use such a service without privacy?
Earlier this year, online adult dating site Adult Friend Finder reported that they had been breached, with theinformation of close to 4 million of its subscribers being leaked on a darknet forum, exposing emails, usernames, dates of birth, ZIP codes. Similar to Ashley Madison, the details that were leaked amounted to something more than just about protecting an account. It’s about protecting private, personal details and a reputation. When personal details of this nature become public, this opens up the breach victims to blackmail and extortion—at the very least, they could expect situations that involve Internet shaming and awkward explanations.
2) Online retailers like Amazon – Lose trust, lose your customers
s to have the ease of being able to shop online without being at risk of having their personal details exposed and stolen. With multiple transactions involving credit card details and banking information, it’s a gold mine for cyber attackers.
3) Cloud storage and sharing services like DropBox and iCloud – Wealth of personal and confidential business data
Ensuring server security and providing secure processes such as two factor authentication reduces the risk and increases security for data storage. Similarly, let’s not forget that users also have to play their part in being savvy on having hard-to-guess passwords and so on.
4) Messaging services like WhatsApp and WeChat – What if a hacker was able to read all your intimate conversations?
Ever popular Snapchat suffered a leak of personal photos and videos and was dubbed the ‘snappening’ when a third-party app that allowed people to save pictures from Snapchat was breached. Whatsapp had announced earlier this year of a new partnership with Open Whisper Systems to bring end-to-end encryption to the service using cryptographic key that’s unique to individual devices, in hopes to make up for their past troubles in securing users’ communications from being leaked. Viber also started pulling their socks up to fix vulnerabilities that were pointed out by experts.
5) Email services like Gmail and Outlook.com – Hackers potentially accessing confidential data and emails
Similar to #3, it’s on both the business and the user to provide and understand security measures that should be taken. Being cautious to targeted attacks such as phishing scams is one example. Trend Micro’s 2014 Roundup Report “Magnified Losses, Amplified Need for Cyber-Attack Preparedness” showed an 88.65% increase in the volume of phishing sites in 2014.
We know that a security breach can really disrupt an organisation’s revenue and break their customers’ trust. Some users will not trust companies that protect their data just to comply with regulations. Companies that hold the personal data of their users need to go above and beyond what regulations call for, to reassure their users that they are doing all they can to protect their users.
Companies have been threatened for years with crippling distributed denial of service (DDoS) attacks that could take them offline and cyber attackers definitely won’t stop now. As per Trend Micro’s recent blog post, in the wake of the Anthem, Premera, CareFirst, IRS and OPM compromises, an advent of more serious and personal data leaks is on the rise. The stolen information can be used in a worst-case for blackmail with much more serious real-world consequences than just the loss of some money. It’s no longer just about credit cards and money, it’s about people’s lives and livelihoods.