Cybersecurity Glossary: Breach

Definition
A breach comes as a result of a cyberattack that allows cybercriminals to gain unauthorized access to a computer system or network and steal the private, sensitive, or confidential personal and financial data of the customers or users contained within.

Significance
Breaches come in many forms:

-An exploit is a type of attack that takes advantage of software bugs or vulnerabilities, which cybercriminals use to gain unauthorized access to a system and data. These vulnerabilities lie hidden within the code of the system and it’s a race between the criminals and the cybersecurity researchers to see who can find them first. 

-A SQL injection (SQLI) is a type of attack that exploits weaknesses in the database management software of unsecure websites in order to get the website to spit out information from the database that it’s really not supposed to. Here’s how it works: A cybercriminal enters malicious code into the search field of a retail site, for example, where customers normally enter searches for things like “top rated wireless headphones” or “best-selling sneakers.” Instead of returning with a list of headphones or sneakers, the website will give the hacker a list of customers and their credit card numbers. 

Spyware is a type of malware that infects your computer or network and steals information about you, your Internet usage, and any other valuable data it can get its hands on. You might install spyware as part of some seemingly benign download. Alternatively, spyware can make its way onto your computer as a secondary infection. Once your system is infected, the spyware sends all your personal data back to the cybercriminals.

Phishing attacks work by getting us to share sensitive information like our usernames and passwords — often against normal logic and reasoning — by using social engineering to manipulate our emotions, such as greed and fear. A typical phishing attack will start with an email spoofed, or faked, to look like it’s coming from a company you do business with or a trusted coworker. This email will contain aggressive or demanding language and require some sort of action, like verifying payments or purchases you never made. Clicking the supplied link will direct you to a malicious login page designed to capture your username and password. 

Broken or misconfigured access controls can make private parts of a given website public when they’re not supposed to be. For example, a website administrator at an online clothing retailer will make certain back-end folders within the website private, i.e. the folders containing sensitive data about customers and their payment information. However, the web admin might forget to make the related sub-folders private as well. While these sub-folders might not be readily apparent to the average user, a cybercriminal using a few well-crafted Google searches could find those misconfigured folders and steal the data contained in them. Much like a burglar climbing right into a house through an open window, it doesn’t take a lot of skill to pull off this kind of cyberattack.

Cybersecurity Glossary | View next term