Thus the data is stolen today: how the attackers enter and what consequences it has

Thus the data is stolen today: how the attackers enter and what consequences it has

Current digital threats no longer make noise when they enter. In many cases they infiltrate silently, taking advantage of a distraction, a technical failure or a human error. Far from being isolated incidents, data theft are part of carefully planned campaigns, led by malicious actors who know in depth the vulnerabilities of organizations. Security today does not depend only on what a company does internally, but also on its access policies, the patches it omits and the behaviors it normalizes.

One of the most common attack vectors is still email. Techniques such as Phishing or Spear-Phishing are the origin of 91% of the gaps, according to the Data Breach Investigations Report in Verizon. Fraudulent links, attachments with scripts or hidden malware allow attackers to enter corporate networks effectively.

Another critical route is unf -patch vulnerabilities. In Argentina, 68% of SMEs admit not to have a complete systems update policy, according to Isaca. Only in 2023, more than 35% of unauthorized accesses in Latin America originated in remote access software such as RDP or VPN, according to Cisco.

The supply chain (suppliers, partners or third parties with which access and operations are shared) also implies a high risk. In April 2023, a regional IT supplier in Uruguay was attacked through an exploit. Credentials were stolen and three banking entities in Uruguay and Paraguay were committed, with losses for more than $ 800,000.

The human factor is not far behind. 22% of the incidents in companies between 250 and 1,200 employees involved a collaborator, according to Cybersecury Insiders. Whether due to negligence or voluntary action, weak configurations and lack of internal control amplify the risk.

In cloud environments, configuration errors also generate serious consequences. Databases in AWS, Azure or Google Cloud can be exposed if storage buckets are not properly configured. In 2023, one in four health sector companies in Uruguay reported incidents linked to this cause, according to Forbes Latam.

Recent cases account for these failures. In June 2023, the Montevideo Clinic Hospital was a victim of Ransomware: more than 200,000 encrypted clinical records, a rescue request for $ 100,000 and a total recovery cost that exceeded 350,000. Although he had firewalls and antimalware, the lack of monitoring and an response plan left him vulnerable.

In November 2022, Sancor Seguros in Argentina suffered data filtration of more than 300,000 clients after a Spear-Phishing campaign. A malicious file downloaded by an employee gave persistent access to the network. Personal data, policies and financial information were leaked. The company had to activate a contingency plan and notified the authorities.

In March 2024, DKV Seguros in Spain confirmed a ransomware attack that affected 120,000 clients. The gap, initiated by a VPN server without patches, allowed access to medical records. Losses exceeded 2 million euros.

These episodes show that data theft does not distinguish sector or country. What is repeated is a false sense of security based on basic controls or isolated solutions. Without professional and sustained management, the risk not only persists: scale.

The consequences of a gap exceed data loss. According to Gartner, 78% of attacked organizations face critical interruptions of more than 48 hours. For a medium -sized company, that can represent losses of up to $ 100,000 per day. To this is added reputational damage: 56% of customers leave a service after filtration. In health, loss of trust reaches 70%, according to PWC and Accenture studies.

From the legal level, the sanctions also weigh. In Spain, breach of the RGPD may imply fines of up to 4% of the annual billing. In Uruguay, Law 19,529 contemplates sanctions of up to $ 100,000. In Argentina, Law 25,326 requires notifying sensitive leaks in less than 24 hours.

The average containment cost of an incident is 1.2 million dollars, according to the Cost of Data Breach Report of IBM. To this are added communication campaigns, legal assistance and, in some cases, collective demands. Even more worrying: 43% of medium -sized companies that suffered a cyber attack failed to recover financially in the first year, and 13% definitely closes, according to IDC and the Ponmon Institute.

The only sustainable output is to adopt a comprehensive cybersecurity approach. This implies managing the entire protection cycle: asset identification, risk analysis, defense technologies (Firewalls, EDR, MFA, SIEM) and post-incident response plans. It is not enough to add tools: it is about integrating capacities, processes and organizational culture.

The risk does not disappear, but can be managed with strategy and knowledge. Resilience is born from visibility and preparation. And cybersecurity is no longer an exclusive issue of the IT area: it is an essential pillar for the continuity of any business.

Source: Ambito

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest Posts