12/09/2014 / 0 Comments
Perhaps the most widely covered and analyzed security breach in recent months is the case involving Target Corporation, in which approximately 40 million customer payment card accounts were compromised during a span of just three weeks.
The company CEO and CIO were both dismissed in the aftermath, and the company has estimated the costs of the breach to be nearly $150 million in just the second quarter of 2014 alone.
In the Target incident, an email malware attack was used to steal the network login credentials that Target had issued to an HVAC vendor.
By stealing those credentials and using them to gain access to the Target network, attackers were able to deploy point-of-sale malware that scraped computer memory to steal consumer payment card data from thousands of check-out registers.
A variation of this same malware strain was later used in a successful attack that compromised 56 million consumer payment cards at Home Depot.
But the largest single attack in recent history is the infamous Russian hacking case. In this case, attackers targeted the websites of businesses and organizations of all types and sizes, making no distinctions between them.
First they obtained data from botnet networks of compromised computers to identify SQL vulnerabilities on websites that victims visited.
Then they used these vulnerabilities to hack into the sites’ databases and steal massive amounts of confidential user data.
The end result was over 420,000 websites being compromised and over 1.2 billion user credentials being stolen.
With threats like these and countless other schemes involving hacking, phishing, and malware, businesses face a daily threat of attacks, and if your company has a website, servers, user accounts, and confidential data to protect, then you may be the next target.
In nearly all of the highest profile cases involving data breaches, the common denominator is weak and outdated authentication security.
Attackers can easily exploit this vulnerability, as they continue to do every day, and companies that are slow or hesitant to upgrade their authentications security could be the next victims.
Thankfully, all of this can be addressed with advanced cryptography and next-generation authentication security with a technology that can be deployed in the cloud or on-premise.
Using public key cryptography, which meets industry-leading FIDO Alliance specifications for authentication security, companies can quickly and easily upgrade their user authentication and make it physically impossible for cybercriminals to compromise their user accounts.
To find out more about public key cryptography and how this next-generation technology can protect your company, contact SecSign Technologies to request a free consultation.
Want to learn more about SecSign’s innovative and highly secure
solutions for protecting your user accounts and sensitive data?
Use our contact form to submit your information, and a SecSign sales representative will contact you within one business day.
If you need assistance with an existing SecSign account or product
installation, please see the FAQs for more information on the most common questions. You don’t find the solution to your problem? Don’t hesitate to contact the
Product Support
I am Interested in