6 Lessons From Major Data Breaches This Year

Data breaches can have many causes, but most of them boil down to an organization failing to do something or detect something they should have if they had been following security best practices.

Even so, these attacks can reveal a lot about the bad guys' tactics, techniques, and procedures, the state of malware, and developing trends on the threat horizon.

Many ransomware attacks, for instance, might have the same root cause — like a poorly configured RDP server that provides an initial foothold on the network, or a user clicking on a malicious attachment and downloading malware on their system. Yet today's ransomware attacks are very different from those of even a year ago. Many involve double- and triple extortion schemes where attackers not only encrypt data but also use data theft and denial-of-service attacks as additional forms of leverage. As a result, the impact of ransomware attacks — and the responses to them — are different today than they might have been just a year ago.

Similarly, while phishing continues to be one of the most common initial attack vectors, phishing schemes themselves have become a lot more sophisticated and targeted, with many attacks now combining the use of email, text messages and phone calls.

Here's a look at some breaches or clusters of similarly themed attacks over the past year that served up (or resurfaced ) some key lessons for security leaders.