Data Breach Threats in the Real World: How MSSPs Can Help Mitigate Them
U.S. Customs and Border Protection said this week that travelers’ images and personal data, such as driver’s license information, were compromised in a breach. While the threat of identity theft is very real, the real-world implications of one or more data breaches like this one will likely reach far beyond it.
“It does no good to have people well-trained in the technical aspects of security if they forget that their clients are real feeling people who are fearful in a world of the unknown,” said Callie Guenther, cybersecurity expert at Critical Start.
There’s more to fear than fear itself in data-breach implications.
“If [traveler] images were stolen [in the US Customs and Border Protection breach], they could easily be sold. This is especially concerning if images of government officials, diplomats, military members, members of Congress, and/or known criminals were compromised and subsequently forged. This could provide access across a border, to classified spaces, or facilitate a number of other unauthorized activities,” added Guenther.
These threats are not far-fetched.
“Keep in mind that espionage and criminal activity are nothing new,” said Mark Trinidad, senior technical evangelist with Varonis.
Even so, knowledge is power, and these days that knowledge comes in the form of digitized data. There are many ways to wield that power against a government, an organization or an individual. Below are just a few, though they are among the most common physical implications.
1. Blackmail. “Breach data can be used to blackmail people. This is a common technique used to manipulate people with clearances to disclose classified info,” explained Jeff Williams, CTO and co-founder at Contrast Security.
2. Deepfake information. From deepfake videos like the one of Facebook’s Mark Zuckerberg, to falsified identity documents to fool TSA and other agencies, manipulating information is a serious threat on many levels.
“The long-term consequences to the travel and tourism industry could be catastrophic,” said Guenther.
3. Assassination by medical records. “Stolen information facilitates and perpetuates fraud, but an even bigger threat involves changing or deleting critical information. Medical records could be changed or deleted to dupe doctors into giving the wrong care to patients in an emergency when time is short, for example,” warned Trinidad.
4. Outing spies and informants. “Data breaches that enable unauthorized access to sensitive personal information, such as the 2015 Office of Personnel Management breach, could be used by sophisticated attackers, such as a nation state, to identify spies or blackmail employees,” explained Steven Weil, cybersecurity consultant with Point B. “A breach that revealed spies or other undercover government employees could result in the employees being denied entry to a country, being detained or being covertly monitored while they travel.”
5. Kidnapping of executives and key personnel. “A breach that revealed the detailed travel plans of senior executives could enable criminals to kidnap the executives and hold them for ransom,” said Weil.
6. Development of war and bioweapons. “Certain private organizations, such as RAND, and government laboratories, for example the U.S. Army Medical Research Institute of Infectious Diseases [USAMRIID] likely have data, that if breached by a nation state, could be used to …