What is Data Exfiltration?

As a business, the data you keep safe is probably your most important asset and possession, aside from your clients or customers. So what happens when cyber criminals get ahold of that data? Or if an employee leaves the company and takes any sensitive data they have access to with them? And what if there is a threat to release this data publicly? This act of taking data from an authorized device to an unauthorized one is called data exfiltration.

The History of Cyber Crime

To understand data exfiltration, it’s important to understand that it’s been around for a long time. Cyber criminals have been gaining access to devices or networks and extracting (or exfiltrating) the data from a business's devices since 1963. We know, we know…the internet wasn’t invented yet. But that didn’t mean sensitive data couldn’t be stolen! The history of cyber crime began when Allen Scherr launched an attack on the MIT computer network by stealing multiple passwords via punch card. The first person ever convicted of a cyber crime was Ian Murphy in 1981, when he hacked into AT&T’s internal system, changing all their computer locks. From there, cyber attacks have grown increasingly worse with the invention of the internet and as technology continues to advance.

If cyber crime could exist and be detrimental before the technology we have now even existed, you can imagine how dangerous it can and will continue to be.

Data Exfiltration Tactics

There’s a variety of ways cyber criminals gain access to internal data and information:

Phishing Attacks

There are many different types of phishing scams, but the most common are spear phishing, whaling, and voice phishing. These attacks all target different levels of people within your company—spear phishing is more sophisticated in nature, and cyber criminals tend to use it to target lower-level employees (i.e., not C-Suite executives); whaling scams target C-Suite executives such as CEOs, CFOs, etc., and are typically used to garner more important information like financial documents; voice phishing scams target anyone and everyone. Cyber criminals use voice phishing in attempts to gain access to information over the phone, such as an account or social security number.

Insider Data Exfiltration

This is when someone within an organization leaks sensitive data to third-party vendors, organizations, or criminals. One example of this happened between 2015 and 2017, when an employee at Anthem Health leaked the private health information (including social security numbers) of over 18,000 members to a third-party vendor, resulting in numerous cases of identity theft. While this kind of risk can’t always be mitigated, it’s imperative to coach and train your employees on the importance of cyber security, and the ramifications of mishandling inside information.

Outbound Emails

In some cases, cyber criminals will use email to exfiltrate any data connected to email systems—calendars, databases, images, etc. They do this by sending an outbound email or text message, typically with a link or fraudulent attachment. This is one reason why email is actually one of the least secure ways to send information or sensitive data! It’s important to keep your data stored somewhere that is not accessible via your email account.

Ways to Prevent Data Exfiltration

It’s important to keep sensitive information secure, especially if you’re dealing with or managing sensitive customer data such as health information, banking information, etc. So what are some things you can put in place to prevent data exfiltration, both internally and externally? Here are five ways to decrease your risk:

  1. Implement multi-factor authentication. This will ensure that the people who are logging onto your company’s server or attempting to access sensitive information are authorized to do so.
  2. Monitor user activity. Especially when it comes to adding and deleting sensitive data, you (or an administrator) should take time—often—to check in on who has access to what, where everything is living, and how information is being used.  
  3. Keep your devices up to date. Software updates tend to include security improvements, too. Failing to keep your devices up to date can make your team more vulnerable to outside threats.
  4. Disable the ability to connect and use external hard drives or thumb drives. USB drives can be used by criminals to install malicious software (malware) onto a device. They can also be used to download sensitive data from an authorized device and upload it to an unauthorized device, compromising your data or your customers’ data.
  5. Implement hard drive (Full Disk) encryption on mobile devices. Without this level of protection, if someone steals a laptop, it’s easy to remove the hard drive and connect it to another system or device to exfiltrate the data.  
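
Item 2 above (monitoring user activity), applied to the outbound-email channel described earlier, as an added example that is not part of the original article. The log format, the domain names, and the two thresholds are assumptions made for illustration; the sample lines are constructed.

```python
import csv
import io
from collections import defaultdict
from statistics import median

# Constructed sample: date, sender, recipient, attachment bytes (hypothetical log format).
SAMPLE_LOG = """\
2024-03-04,alice@example.com,bob@example.com,4800000
2024-03-04,alice@example.com,vendor@partner.test,120000
2024-03-05,alice@example.com,vendor@partner.test,90000
2024-03-06,alice@example.com,vendor@partner.test,150000
2024-03-07,alice@example.com,personal@mailbox.test,52000000
2024-03-04,carol@example.com,client@customer.test,2000000
2024-03-05,carol@example.com,client@customer.test,2500000
2024-03-06,carol@example.com,client@customer.test,1800000
2024-03-07,carol@example.com,client@customer.test,2200000
"""

INTERNAL_DOMAINS = {"example.com"}   # assumption: the organization's own mail domains
MIN_BYTES = 10_000_000               # ignore days below 10 MB of external attachments
BASELINE_MULTIPLE = 5                # flag days at 5x the sender's usual volume


def external_bytes_per_day(log_text):
    """Sum attachment bytes each sender mailed to external domains, per day."""
    totals = defaultdict(lambda: defaultdict(int))
    for date, sender, recipient, size in csv.reader(io.StringIO(log_text)):
        if recipient.rsplit("@", 1)[-1].lower() not in INTERNAL_DOMAINS:
            totals[sender][date] += int(size)
    return totals


def flag_unusual_senders(log_text):
    """Return (sender, date, bytes) for days far above the sender's own baseline."""
    alerts = []
    for sender, days in external_bytes_per_day(log_text).items():
        for date, sent in sorted(days.items()):
            earlier = [v for d, v in days.items() if d < date]
            baseline = median(earlier) if earlier else 0
            # With no history yet, fall back to the absolute threshold alone.
            if sent >= MIN_BYTES and sent >= BASELINE_MULTIPLE * baseline:
                alerts.append((sender, date, sent))
    return alerts


if __name__ == "__main__":
    for sender, date, sent in flag_unusual_senders(SAMPLE_LOG):
        print(f"{date} {sender}: {sent / 1e6:.1f} MB sent to external recipients")
```

Comparing each sender against their own history keeps people who routinely mail large files to customers from drowning out the one account whose volume suddenly jumps.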

Keep Your Data Secure

We say it all the time, but finding ways to guarantee your data’s security is imperative as a business. You cannot run a successful business if your data’s safety is constantly in question! While we listed a few common tactics here, cyber criminals are always looking for ways to infiltrate your systems and exfiltrate your data. The best way to keep your information—and your customers’ information—secure is by working with a trusted Managed Service Provider who can come in and make the necessary changes to your network, processes, and storage. The safety of your data and the safety of your clients’ data is worth the extra step. We’re here to help!
