Data Exfiltration: Definition, Damage & Defense
Data exfiltration is a fancy term we use to describe theft. In this form of security breach, someone transfers, copies, or otherwise takes information from you.
Hackers can sell exfiltrated data on the open market. Credit card information, Social Security numbers, and other valuable bits of information could have thousands of buyers all around the globe.
But hackers might also exfiltrate data to harm your company. Trade secrets, contract negotiations, and client lists could all hurt you if an attacker releases them when you'd like to keep them private.
What Is Data Exfiltration?
We don't lock data in a vault or store it in a bank, like currency. But the information we have on our devices and servers is valuable. Any time someone takes a piece of that data without permission, you're dealing with data exfiltration.
Personal information tied to your employees and customers is a top hacker target. But other pieces hackers might want to steal include:
- Usernames and passwords
- Trade secrets
- Confidential conversations
- Business decisions
Anything you don't want to see on a public bulletin board is a potential data exfiltration target.
Common Data Exfiltration Techniques
You work hard to keep sensitive information under wraps. But your enemies are clever, and they have plenty of tools to use as they work.
Hackers gain access through:
- Poor password maintenance. Only about 35 percent of people use different passwords for all their accounts. Everyone else reuses passwords from account to account. A breach in one account could lead to a breach across all of them.
- Phishing email. A legitimate-seeming email tricks the recipient into installing malware that a hacker can then use for theft.
- Storage devices. Any time data moves from a protected space (like a server) to another device (like a thumb drive), a hacker can steal it. Some thieves use these devices to transport their stolen goods.
- Clouds. Of all companies with a cloud presence, 70 percent have endured a breach. The second most common issue in the cloud is data exposure.
This isn't an all-inclusive list. Hackers have also used plain email to steal from companies, and they've leaned on stolen laptops too.
Can Exfiltrated Data Hurt You?
Attacks like this happen silently, and sometimes, companies don't notice them right away. Losing even one bit of protected information is dangerous. But losing a lot of it can be downright devastating.
Famous examples include:
- Anthem. In 2016, a disgruntled employee emailed personal data to himself, including Medicare ID numbers, Social Security numbers, and names. Each one was a security violation for Anthem, with fees involved.
- Amazon. In 2020, an employee leaked the email addresses of customers to a third party. This data breach came on the heels of other breaches, and it likely made customers worry about their data and Amazon's practices.
- Wawa. In 2019, the store discovered malware on payment processing servers. Hackers were deep inside for months before Wawa contained the problem.
- Magellan Health. In April of 2020, an attacker sent a phishing email to an employee. The note seemed legitimate, but when the employee engaged with it, it installed malware. Hackers gained access to a great deal of information, and later, they held that information ransom.
Data Exfiltration Prevention Tips
While hackers are clever, you have plenty of prevention tools at your fingertips. Put them to use, and you could stop theft before it begins.
Try these four tips:
- Implement intrusion detection and prevention systems (IDPS). These tools can spot unusual behaviour, including rampant file copying, and take action to stop it.
- Educate your employees. About 30 percent of people say resetting their passwords is as stressful as retiring. Remind them that their hard work is worthwhile.
- Encrypt data at rest. Make it harder for hackers to steal from you. Lock down anything in your server so it's unreadable.
- Block suspicious programs and websites. Don't let your employees hand out their credentials on sites and programs you haven't vetted. Keep your staff from accessing them, if you must.
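To make the first tip concrete, here is a sketch of the kind of rule an IDPS applies to spot rampant file copying. It is an added example, not Okta's code or any product's; the log format, field names, and thresholds are assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed audit-log lines in a hypothetical key=value format.
SAMPLE_LOG = [
    "2024-05-01T09:00:00Z user=alice action=copy src=/srv/hr/a.csv dst=/home/alice/a.csv bytes=2000",
    "2024-05-01T09:10:00Z user=alice action=copy src=/srv/hr/b.csv dst=/home/alice/b.csv bytes=2000",
    "2024-05-01T09:20:00Z user=carol action=copy src=/srv/db/d1.sql dst=/media/usb0/d1.sql bytes=700000",
    "2024-05-01T09:20:30Z user=carol action=copy src=/srv/db/d2.sql dst=/media/usb0/d2.sql bytes=700000",
    "2024-05-01T09:25:00Z user=carol action=read src=/srv/db/d3.sql dst=- bytes=0",
    "truncated or malformed line",
] + [
    f"2024-05-01T09:30:{i * 5:02d}Z user=bob action=copy src=/srv/fin/f{i}.xlsx dst=/tmp/f{i}.xlsx bytes=1000"
    for i in range(6)  # six small copies within 25 seconds
]

LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) action=(?P<action>\S+) "
    r"src=\S+ dst=\S+ bytes=(?P<bytes>\d+)$"
)

def parse(line):
    """Return (timestamp, user, action, bytes), or None for a malformed line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    try:
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
    except ValueError:
        return None
    return ts, m["user"], m["action"], int(m["bytes"])

def detect_bulk_copy(lines, window=timedelta(seconds=60), max_files=5, max_bytes=1_000_000):
    """Map each user whose copies in one sliding window exceed a threshold to (alert time, reason)."""
    recent = defaultdict(deque)  # user -> (timestamp, size) of copies still in the window
    alerts = {}
    for ts, user, action, size in filter(None, map(parse, lines)):
        if action != "copy" or user in alerts:
            continue
        q = recent[user]
        q.append((ts, size))
        while ts - q[0][0] > window:  # evict copies older than the window
            q.popleft()
        if len(q) > max_files:
            alerts[user] = (ts, "file count")
        elif sum(s for _, s in q) > max_bytes:
            alerts[user] = (ts, "byte volume")
    return alerts
```

Running `detect_bulk_copy(SAMPLE_LOG)` flags carol on byte volume and bob on file count, while alice's two copies ten minutes apart never share a window.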
Let us help. Okta's tools help you protect your employee and customer sign-ons and secure data.