What explains the decrease in leaks?
The authors of the study indicate that the downward trend in the number of leaks continues for the second year, and the maximum was recorded in 2019, when cybersecurity experts registered 2,639 leaks and more than 15 billion compromised records. This trend may be due to several factors, including the impact of COVID-19.
During the pandemic, due to remote work in many companies, control over information resources has weakened, which has created many vulnerable entry points to corporate networks around the world, InfoWatch points out. The authors note that therefore, more leaks than previously could have gone unnoticed by data owners or operators, or were deliberately hidden from company management and government agencies that need to be notified. Also, they remind InfoWatch, data on leaks from last year regularly hit the Web at the beginning of the next year (and reports from cybersecurity experts also come out late. — RBC).
Read on RBC Pro
More than 70% of Russians declared vulnerability from data leaks
InfoWatch analysts also believe that in the pre-pandemic years, hackers managed to steal so much personal and payment data that in 2020-2021 the underground market had enough sources to sell and resell the stolen databases, both in whole and in separate fragments. In addition, during the pandemic, in some countries, fraudulent schemes related to social assistance, subsidies and other measures to support the victims were often used, and to obtain them, a minimum set of data was enough – full name, address and social security number, which rarely change. Therefore, the older databases of 2019 remained relevant.
In addition, by 2021, technological measures to protect information infrastructure gradually began to bear fruit, especially in large companies.
InfoWatch analysts also point out that the development of malicious software has led to the widespread use of ransomware viruses, when using which hackers do not steal personal data, but block access to it, and then demand a ransom from the owners.
What and where most often leaks
The dominant type of stolen information is still personal data. At the same time, the number of payment data leaks is declining: the security of banking infrastructure is growing, and even if attackers manage to access information from there, it becomes increasingly difficult to monetize it, unlike personal data, the study says.
The company’s experts also noted increased attention to trade secrets and know-how, Andrey Arsentiev, head of analytics and special projects at InfoWatch, said. This is due to increased competition in domestic and international markets. He also confirmed that the share of leaks in the financial sector is declining, which is associated “with the growing security of the banking infrastructure and the difficulties in monetizing this information.”
Most often, data is leaked from high-tech companies, healthcare organizations and the public sector.
Among countries, the United States occupies the first place in terms of the number of leaks (accounting for almost 42% of all such incidents in the world), Russia ranks second with a share of 16.8%. On the third — Great Britain (4.9%).
“The stable suppliers of news about leaks in the world are those countries where legislation on the protection of information, primarily personal data, is developed. First of all, we are talking about the United States and the European Union, where companies are required by law to disclose information about incidents to authorized bodies, and in case of hiding leaks, they risk receiving huge fines, ”the study says.
Roskomnadzor drew up a report on Yandex.Food due to a data leak
Although Russia ranks second in terms of the number of leaks found in open sources, in 2020 the number of Russian leaks in the overall ranking began to decline, and in 2021 it decreased by 40%.
This is largely due to the peculiarities of the formation of the “incident map”, InfoWatch experts explain. Russian cybersecurity specialists can see as many Russian-language sources as possible from search results using various search engines. “At the same time, English is the second key search language in the media, and it is the main language on the dark web, so leaks in the United States dominate among the cases found, and the share of published leaks in other English-speaking countries is also high,” the authors explain.
The Ministry of Digital Development and Communications of Russia in February supported the idea to introduce turnover fines for personal data (PD) operators for leaks. The ministry believes that the existing penalties “do not encourage operators to unconditionally comply with the requirements of legislation in the field of personal data,” and the introduction of penalties will help reduce the number of incidents. Now the maximum fine for a company for leaking personal data of citizens is 500 thousand rubles, said Aleksandra Orekhovich, Director for Legal Initiatives of the Internet Initiatives Development Fund.