WinZip Enterprise Blog

Protecting the world's most sensitive data for over 30 years.

The best alternatives to Box enterprise key management

WinZip Blog

Cybercrime is escalating. The cost of cybercrime is estimated to reach $10.5 trillion annually by 2025, making it more profitable than the global illegal drug trade. If it were a country, that would make cybercrime the world’s third-largest economy.

In their efforts to combat the increasing attacks, cloud service providers like Box (with their Box KeySafe solution) are helping companies protect their data with enterprise key management.

Experts agree that successful enterprise key management is critical to regulatory compliance and security for companies.

Just think about all the different kinds of data and devices your business might have in numerous locations and you can begin to understand why enterprise key management is absolutely essential to data security.

In this article, we will discuss how enterprise key management works, the role it plays in ensuring that your organization’s data is both accessible and secure, and how to evaluate the data encryption needs of your company.

What is enterprise key management and how does it work?

There are vulnerabilities that come with every aspect of your organization’s approach to handling data. That’s why the National Institute of Standards and Technology (NIST) recommends that any data that requires confidentiality protection should be encrypted to prevent unauthorized persons from accessing it.

Encryption takes data (called plaintext) that you want to protect and passes it through an encryption algorithm (a mathematical calculation called a cipher) that transforms it into an unreadable, secret code (called ciphertext).

A cipher includes a variable value, called a key, that allows a cipher to output unique ciphertext each time.

A key is such an important part of an encryption algorithm that the key is kept secret, not the algorithm. Robust encryption algorithms are designed so that even if someone knows the algorithm, it’s impossible to decipher the ciphertext without knowing the key.

Decryption of the encrypted data requires that key to convert the scrambled information back to its original, readable form.

Even if some unauthorized entity gains access to the encrypted data, the intruder has to guess:

  • Which cipher the sender used.
  • Which keys were used as variables.

The time and difficulty required to determine this information is what makes encryption so difficult to crack and such a valuable security tool.

Of course, when you consider the enormous amount of company data that needs to be protected and encrypted, shared amongst employees, and decrypted safely by supplying the proper keys to the employees with the proper permission access, you begin to realize the massive number of keys required on an ongoing basis.

Furthermore, an enterprise might use several dozen different, possibly incompatible encryption tools, resulting in thousands of encryption keys. Each key has to be securely stored, protected, and accessible.

Enterprise key management is about organizing and storing your keys in a central location and securely managing the lifecycle of your keys, from generation to destruction. The steps of that ongoing, iterative process include:

  • Key generation.
  • Key distribution and registration.
  • Key storage and backup.
  • Key deployment and usage.
  • Key recovery (or re-keying).
  • Key revocation and archiving.
  • Key de-registration.
  • Key destruction.

The importance of encryption key management for proper security is paramount. Unless the encryption keys are carefully monitored, unauthorized parties can gain access to them.
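
The lifecycle above can be enforced in code rather than by convention. The following added example (not WinZip or Box code) is a minimal in-memory registry that refuses to release a key for a purpose its current state does not allow; the state names, the `KeyRegistry` API and the key IDs are assumptions chosen to mirror the listed steps.

```python
import secrets
from dataclasses import dataclass, field
from enum import Enum


class KeyState(Enum):
    # Hypothetical state names that mirror the lifecycle steps listed above.
    REGISTERED = "registered"      # generated and registered, not yet deployed
    ACTIVE = "active"              # deployed: may encrypt and decrypt
    REVOKED = "revoked"            # revoked/archived: decrypt existing data only
    DEREGISTERED = "deregistered"  # withdrawn from all use, awaiting destruction
    DESTROYED = "destroyed"        # key material wiped from the registry


# Each state lists the only states a key may move to next.
ALLOWED_TRANSITIONS = {
    KeyState.REGISTERED: {KeyState.ACTIVE, KeyState.DEREGISTERED},
    KeyState.ACTIVE: {KeyState.REVOKED},
    KeyState.REVOKED: {KeyState.DEREGISTERED},
    KeyState.DEREGISTERED: {KeyState.DESTROYED},
    KeyState.DESTROYED: set(),
}

# Which states may release key material for which purpose.
USABLE_FOR = {
    "encrypt": {KeyState.ACTIVE},
    "decrypt": {KeyState.ACTIVE, KeyState.REVOKED},
}


class LifecycleError(Exception):
    """Raised when a key is used or moved in a way its state forbids."""


@dataclass
class ManagedKey:
    key_id: str
    material: bytearray
    state: KeyState = KeyState.REGISTERED
    history: list = field(default_factory=lambda: [KeyState.REGISTERED])


class KeyRegistry:
    def __init__(self):
        self.keys = {}

    def generate(self, key_id):
        """Key generation and registration: 256 bits from the OS CSPRNG."""
        if key_id in self.keys:
            raise LifecycleError(f"{key_id} is already registered")
        self.keys[key_id] = ManagedKey(key_id, bytearray(secrets.token_bytes(32)))
        return self.keys[key_id]

    def transition(self, key_id, new_state):
        key = self.keys[key_id]
        if new_state not in ALLOWED_TRANSITIONS[key.state]:
            raise LifecycleError(
                f"{key_id}: {key.state.value} -> {new_state.value} is not allowed")
        if new_state is KeyState.DESTROYED:
            # Best-effort wipe; Python cannot guarantee no other copies exist.
            key.material[:] = bytes(len(key.material))
            key.material.clear()
        key.state = new_state
        key.history.append(new_state)

    def can_use(self, key_id, purpose):
        key = self.keys.get(key_id)
        return key is not None and key.state in USABLE_FOR[purpose]

    def material_for(self, key_id, purpose):
        """Release key bytes only if the key's state permits this purpose."""
        if not self.can_use(key_id, purpose):
            raise LifecycleError(f"{key_id} may not be used to {purpose}")
        return bytes(self.keys[key_id].material)

    def rekey(self, old_id, new_id):
        """Re-keying: activate a replacement, then revoke the old key so it
        can still decrypt archived data but never protect new data."""
        self.generate(new_id)
        self.transition(new_id, KeyState.ACTIVE)
        self.transition(old_id, KeyState.REVOKED)


def demo():
    # Constructed key IDs, used only for this illustration.
    reg = KeyRegistry()
    reg.generate("files-2023")
    reg.transition("files-2023", KeyState.ACTIVE)
    reg.rekey("files-2023", "files-2024")
    return {
        "old_encrypt": reg.can_use("files-2023", "encrypt"),
        "old_decrypt": reg.can_use("files-2023", "decrypt"),
        "new_encrypt": reg.can_use("files-2024", "encrypt"),
    }


if __name__ == "__main__":
    print(demo())
```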

The importance of organizational data security

Cybersecurity statistics and data trends show an alarming rise in data breaches, hack attacks, and malicious campaigns.

A cyberattack is an attack on your enterprise with the goal of disrupting, disabling, destroying, or maliciously controlling your computing infrastructure, or of causing a data breach—the intentional theft or destruction of confidential information.

The Ponemon Institute’s 2021 Data Breach Report states that data breaches in the US cost an average of $4.24 million. But the many repercussions of a data breach can also include:

  • Reputation damage. Companies can spend hundreds of thousands of dollars to rehab their brand image after a data loss.

  • Productivity disruption. Lost files can cause days or weeks of employee downtime and lost sales.

  • Legal issues. In some cases, data exposure can lead to regulatory fines. For example, violations of the General Data Protection Regulation (GDPR) can cost up to 4% of a company’s previous year’s revenue.

  • Loss of customer loyalty. In the US, 83% of consumers claim they will stop spending with a business after a security breach.

Yet, even with all that potential for serious damage, many companies are not protecting themselves as robustly as you might think.

Protection against evolving threats

Too many companies still rely on off-the-shelf, consumer-grade solutions in the face of growing threat levels. For example, in 2021, almost every category of cyberattack increased in volume:

  • There were 10.1 million encrypted threat attacks (a 167% increase).

  • While malware attacks decreased at the start of 2021, they surged in the latter half of the year for a total of 5.4 billion incidents.

  • There were 623.3 million ransomware attacks (a 105% increase).

  • There were 97.1 million cryptojacking attacks, the most ever recorded in a single year and a 19% volume increase from the previous year.

  • There were 5.3 trillion intrusion attempts made against systems (an 11% increase).

The growing threat level demands a comprehensive data protection and security strategy. This includes adhering to best practices for encryption, encryption key management, and data backups as well as using the right tools to ensure that your company’s valuable data cannot be corrupted or compromised by unauthorized individuals.

Finance, healthcare, telecom, government—no sector is immune. Too many enterprises are still relying on solutions that may not be sufficient to protect against the increasing number and heightened level of cybersecurity threats.

It has become all too common to read about serious data breaches in the news:

  • Over $30 million looted. Hackers broke into blockchain wallets on crypto.com and made off with roughly $18 million in Bitcoin and $15 million in Ethereum, as well as other cryptocurrencies.

  • Healthcare company’s data breached; company closes. Salusive Health (aka myNurse) says the exposed information potentially included demographic, clinical, and financial information.

  • Personal information of 48 million exposed. T-Mobile confirmed that customers who had applied for credit had sensitive information stolen—including first and last names, Social Security numbers, dates of birth, driver’s license, and ID numbers.

  • Government data breach of US defense and technology firms. Chinese hackers stole passwords from US firms working with the federal government in order to steal critical information about defense technology contracts.

Growing cybersecurity threats in 2022 and beyond

Hackers are increasing the frequency and magnitude of their cyberattacks, and here’s how:

  • Gartner predicts that by 2025, a security breach will result in the shutdown of operations for 30% of critical infrastructure organizations.

  • Global cybercrime costs to grow by 15% per year over the next five years, reaching $10.5 trillion annually by 2025.

  • Ransomware will cost victims around $265 billion annually by 2031.

  • Cryptocurrency crime is predicted to cost the world $30 billion in 2025.

It’s clear that every organization requires encryption for data security, improved compliance with privacy regulations, and to reduce the chances of confidential information being leaked or hacked. But is all enterprise-level encryption created equal?

How to evaluate data encryption solutions

The data encryption solution you choose for your enterprise should follow the same principles you would use for assessing almost any technology before deploying it. It needs to:

  • Be able to integrate with your operating systems, services, and processes.
  • Be able to scale with your organization’s infrastructure.
  • Be able to comply with your industry’s standards and regulations.
  • Be able to encrypt data stored on different cloud servers managed by various providers, file servers, and platforms.

Furthermore, it’s essential to pay attention to the encryption methods you choose. The current highest standard is the AES (Advanced Encryption Standard) with a key length of 256 bits. WinZip® Enterprise offers 256-bit AES and direct integration with your accounts on Box (as well as Dropbox, Google Drive, MediaFire, OneDrive, SugarSync, CloudMe, and ZipShare).

WinZip Enterprise also combines that with industry-leading compression, sharing, and management in one powerful, customizable solution. With centralized IT control, it is easy to deploy and enforce security policies across your organization.

Learn how WinZip Enterprise provides simple and secure data encryption at the enterprise level.

How to password protect a zip folder 

Since 2006, people have been quoting British mathematician Clive Humby’s famous phrase, “Data is the new oil.” However, a strong case can be made that data may actually be more valuable than oil—some of the world’s most highly valued companies are data companies deriving much of their value from virtual assets.

As Forbes pointed out, nowadays, every company is a data company, and the value of data is growing. Data can improve the overall performance of a company and help them make better decisions. It can also be used to create new products, new features—even disruptive new companies and markets.

Unfortunately, your company’s data is also financially lucrative to the hordes of hackers out there looking to steal it and sell it on the dark web or other questionable online marketplaces. The 2021 Data Breach Investigations report cites 93% of these bad actors were motivated by money. According to the Ponemon Institute, the global average total cost of a data breach in 2021 was $4.24 million.

No industry or business is spared from the threats—not even nonprofits. With every sector exhibiting similar risks, it’s important to consider convenient, primary ways of protecting your company’s data, such as by using password protection and encryption.

There are numerous levels of data protection available to organizations. The first and simplest line of defense is to password protect your sensitive files and folders when:

  • Sharing a device with other users.

  • Needing to collaborate securely.

  • Using a device with a high risk of being stolen, such as a phone, laptop, or tablet.

  • Sending or sharing files online.

  • Protecting any important data that could be accidentally or intentionally modified or deleted.

In this article, we will identify situations in which you might need to password protect a Zip folder, discuss common issues that can arise when adding password protection while zipping files, and cover how solutions such as WinZip® Enterprise help you protect and encrypt your Zip files.

Why password protection isn’t the same as encryption

Password protection uses private passwords to protect sensitive information. Encryption is a level up from password protection. Encryption is more secure than passwords because it scrambles and unscrambles data using an algorithm and a key.

Password protecting a Zip folder is like putting your valuables in a safe where you choose the combination, and it remains known only to you and the people with whom you choose to share it.

Of course, password protection is only as strong as the password itself. Using weak password protection for information security can leave companies vulnerable to hacks and attacks, including the following:

  • Dictionary hack. A dictionary attack relies on a library of words and phrases commonly used as passwords, such as “123456,” “password,” or “iloveyou.”

  • Brute-force attack. A hacker can try to gain access to systems through brute force by trying every possible combination of letters, numbers, and special characters. The longer and more varied the password (for example, “cyber1!” vs “cY#v1!B^9%Gw”), the more difficult and time consuming it is to break in a brute-force attack.

  • Phishing. In a phishing attack, cybercriminals pose as reputable, recognizable people, organizations, or service providers to steal information. Fake password resets are a common type of phishing attack, which prompt users to provide their password or other credentials to verify their account.

  • Rainbow table. When stored in a computer system, passwords are saved as hash values rather than plain text. When you enter your password, it is “hashed”—converted into a predefined-length, undecipherable string that is authenticated against a matching hash value stored in your password database. In a rainbow table attack, cybercriminals leverage a database that contains plaintext passwords and their associated hash values to try to guess, match, and crack your passwords.

All the more reason to make sure you create strong passwords.
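
Why the precomputed table in the rainbow table item only works against unsalted hashes, as an added example that is not part of the original article: the three-password list is a constructed stand-in for a table's contents, and the PBKDF2 iteration count, record layout and function names are assumptions.

```python
import hashlib
import hmac
import secrets

# Constructed sample: the weak passwords quoted in the dictionary-attack item.
COMMON_PASSWORDS = ["123456", "password", "iloveyou"]

# Assumed work factor for PBKDF2-HMAC-SHA256; tune it to current guidance.
PBKDF2_ITERATIONS = 600_000


def unsalted_record(password):
    """Weak storage: a bare SHA-256, identical for every user of a password."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def build_precomputed_table(passwords):
    """Simplified to a plain hash -> password lookup; a rainbow table is a
    space-efficient form of the same precomputation."""
    return {unsalted_record(p): p for p in passwords}


def table_lookup(table, stored_hex):
    """Return the recovered password, or None if the hash is not in the table."""
    return table.get(stored_hex)


def salted_record(password):
    """Stronger storage: a random per-user salt plus a slow key-derivation
    function, so one precomputed table cannot cover every user."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return {"salt": salt, "iterations": PBKDF2_ITERATIONS, "digest": digest}


def verify_salted(password, record):
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), record["salt"], record["iterations"])
    return hmac.compare_digest(candidate, record["digest"])


def audit(password):
    """Store the same password for two users both ways and compare exposure."""
    table = build_precomputed_table(COMMON_PASSWORDS)
    alice, bob = salted_record(password), salted_record(password)
    return {
        "unsalted_found_in_table": table_lookup(table, unsalted_record(password)),
        "salted_found_in_table": table_lookup(table, alice["digest"].hex()),
        "same_password_same_salted_digest": alice["digest"] == bob["digest"],
        "login_still_works": verify_salted(password, alice),
    }


if __name__ == "__main__":
    print(audit("iloveyou"))
```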

People often create passwords with the goal of making them easy to remember. So, they make the mistake of using family members’ names, nicknames, pet names, hobbies, or birthdays.

Here are some tips for creating strong passwords:

  • Don’t use personal information. Information like your name, birthday, username, or email address is often publicly available online.

  • The longer, the stronger. Extra characters add extra security. In general, your password should be at least six characters long, though some industry experts say 12.

  • Don’t reuse passwords. As a best practice, create a new password for each account. If a hacker gains access to a multiple-use password, they can gain access to each of the associated accounts.

  • Pick something obscure or nonsensical. For instance, use or create a word that is not found in the dictionary—instead of “funnybone,” use “phnybon.”
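
The tips above can be turned into a check that runs before a password is accepted. This added example (not from the original article) covers the length, personal-information and dictionary tips and compares the exhaustive-search space of the two sample passwords quoted earlier; the `WORDLIST` contents, the choice of the 12-character threshold and all function names are assumptions.

```python
import math
import string

MIN_LENGTH = 12  # the stricter of the two lengths mentioned in the tips
# Constructed stand-in for a real wordlist of common passwords and dictionary words.
WORDLIST = {"123456", "password", "iloveyou", "funnybone"}


def charset_size(password):
    """Size of the alphabet an exhaustive search must cover for this password."""
    classes = [
        (string.ascii_lowercase, 26),
        (string.ascii_uppercase, 26),
        (string.digits, 10),
        (string.punctuation, len(string.punctuation)),
    ]
    size = sum(n for chars, n in classes if any(c in chars for c in password))
    known = string.ascii_letters + string.digits + string.punctuation
    if any(c not in known for c in password):
        size += 32  # assumption: rough allowance for spaces and other characters
    return size


def brute_force_bits(password):
    """log2 of the exhaustive-search space. This is an upper bound on strength,
    because dictionary words and patterns fall far sooner."""
    size = charset_size(password)
    return len(password) * math.log2(size) if size else 0.0


def check_password(password, personal_info=()):
    """Return the list of tips the candidate password violates."""
    findings = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        findings.append("too_short")
    # Ignore very short tokens so initials do not trigger false positives.
    if any(len(item) >= 3 and item.lower() in lowered for item in personal_info):
        findings.append("contains_personal_info")
    # "Password123!" is still a dictionary word once the decoration is stripped.
    core = lowered.strip(string.digits + string.punctuation)
    if lowered in WORDLIST or core in WORDLIST:
        findings.append("dictionary_word")
    return findings


def report(password, personal_info=()):
    return {
        "bits": round(brute_force_bits(password)),
        "findings": check_password(password, personal_info),
    }


if __name__ == "__main__":
    for candidate in ("cyber1!", "cY#v1!B^9%Gw", "Password123!"):
        print(candidate, report(candidate))
```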

As mentioned earlier, password protecting files and folders is smart, convenient, and a strong first line of defense.

However, there may be times when you want to encrypt a file or folder instead. For example:

  • Using your laptop on public or open Wi-Fi. Public Wi-Fi hotspots are convenient when you are on the go, but they are not always secure.

  • Your device gets stolen. Your data will still be hard for a hacker to access if your files are encrypted.

  • Transferring data. Online storage and sharing services, USB drives, and emails can all be hacked. Encrypting files and folders helps ensure they stay secure even if someone is able to intercept them.

  • You want to add an extra layer of protection. Adding encryption can amplify security by making a would-be hacker work through multiple barriers.

  • You need to maintain data integrity and follow industry regulations. When you’re dealing with sensitive information that must be compliant with regulations or industry standards, data integrity is paramount. If you can’t be absolutely certain that your data hasn’t been tampered with, then it may be rendered unusable.

There are some types of files everyone should consider encrypting:

  • Financial information and records
  • Legal documents
  • Personally Identifiable Information (PII)
  • Confidential project files
  • Backups and archives

Encryption is a way of concealing messages by encoding them in such a way that only authorized personnel can access the information. Encryption hides your data by making it unreadable to anyone without the proper key.

So if you’re wondering whether to encrypt a file or folder, a good rule of thumb is “when in doubt, encrypt.”

To summarize the difference between password protecting and encrypting:

  • Password protection means securing a file or folder with a password you have created. Unless the receiver of that file or folder has the correct password, they won’t be able to unlock it and access its contents.

  • Encryption scrambles all the data in the file or folder using an algorithm and a key. So, it requires that the receiver of the file has access to the key to give that algorithm permission to unscramble it.

Times when you might want to password protect and encrypt files and folders:

It’s a smart idea to use password protection and encryption if you have financial data, sensitive data, PII, or really any data that’s important enough to protect.

Fortunately, WinZip Enterprise makes it easy to password protect and encrypt a file or folder as part of the same process and, in fact, recommends that you do both when possible.

How to password protect a zip file or folder

Once you experience how easy and secure it is to password protect and/or encrypt your files and folders, you’ll want it to be a standard operating procedure for yourself and for your organization. Just follow these simple steps:

  1. Open your file or folder.
  2. Click Encrypt in the Actions pane.
  3. Drag and drop your file(s)/folder(s) to the center NewZip.zip pane.
  4. Choose a strong password.
  5. Enter the password (twice) when the dialog box appears.
  6. Click OK.
  7. Click the Options tab in the Actions pane.
  8. Choose Encryption Setting. (Note that 256-bit AES is recommended.)
  9. Click Save.
  10. Now you are ready to store, email, or share your files with extra security.

Common issues when zipping files and adding password protection

The great benefit of protecting files and folders by zipping them is that you are in control of their security since you create and possess the password. However, if you forget or lose that password, it can be incredibly difficult (if it’s possible at all) to recover it. So be sure to keep your password secure and stored in a safe place.

One of many reasons to password protect documents is so you can share them securely—online or in an email. This requires the person you’re sharing them with to have your password. It’s a good practice to send the file and the password in separate emails and advise the recipient to store the password in a secure place.

There may be times when you have already zipped a file or folder and stored it on your computer, then later decide you want to encrypt the data in that Zip file. If a file or folder in that Zip folder is already encrypted, it will first need to be decrypted and then re-encrypted using the password and encryption method you specified.

For various reasons, a Zip file may fail to open because of:

  • File corruption
  • An incomplete download
  • Interruptions (like power failure) during compression
  • Damage due to exposure to magnetic fields, high temperatures, or mechanical shock

Fortunately, WinZip Enterprise can often help you repair Zip files, so you can feel free to Zip and encrypt without worrying about the integrity of your data.

Learn how WinZip Enterprise can help you password protect and encrypt Zip files.

Enterprise Cloud Storage Solutions: What You Need to Know 

Organizations are adopting the cloud in increasing numbers, with enterprise cloud spending estimated to account for 14% of IT revenue worldwide by 2024. In 2020 alone, 61% of businesses moved their workloads to the cloud at least partially in response to the pandemic-fueled shift to remote work environments.

Enterprise cloud storage solutions create a unified IT environment that offers the agility of the cloud, partnered with the security of an on-site data center. Designed to meet the complex needs of large organizations, enterprise cloud storage provides the most positive aspects of both the public and private cloud.

In this article, we will explore what you need to know about enterprise cloud storage, including how companies can benefit from using these types of solutions.

What is Enterprise Cloud Storage?

The “cloud” describes a global network of remote servers that operate as a single ecosystem. This facilitates on-demand access to files and data for authorized users.

Cloud storage gives enterprises flexible, scalable access to processing power, computer memory, and data storage. Rather than shouldering the cost of implementing and maintaining your own networks and data centers, your organization can reduce costs and access these resources through enterprise cloud service providers.

Enterprise-level organizations handle large volumes of business-critical data, and cloud storage grants them the ability to scale storage requirements for expansive workloads. Cloud storage solutions are available in three primary forms:

  • Public cloud. The public cloud delivers services such as data storage using the internet. The cloud service provider (CSP) develops, manages, and maintains resources that are leased to you and other tenants that use the CSP’s services. This cloud solution tends to be cheaper than private or hybrid, but it is also less secure. As such, a public cloud would not be a good fit for companies that handle sensitive data subject to strict compliance requirements, such as insurance, healthcare, or defense firms.

  • Private cloud. With private cloud storage, your company does not share cloud resources with any other organization. This solution is highly customizable to your needs—for example, data can be stored and managed on-premises by your internal IT team or offsite by the service provider. Private cloud storage is ideal for companies in highly regulated industries like healthcare or finance with sensitive data that requires additional levels of security and access control. However, private clouds are often the most expensive option and can be limited in terms of scalability and access for mobile users.

  • Hybrid cloud. A hybrid cloud is a flexible combination of a public and private cloud. This solution offers organizations the ability to leverage an on-premises private cloud and divert non-critical data to an offsite public cloud infrastructure. A hybrid deployment gives companies greater control over their data management and simplifies data transfer between public and private cloud storage. According to industry statistics, 87% of enterprise organizations use a hybrid cloud strategy, which is driven primarily by the cost effectiveness of hybrid cloud solutions.

Advantages and Disadvantages of Cloud Storage for Large Organizations

As with any technology, there are pros and cons that must be considered when evaluating the viability of cloud storage for enterprise-level organizations. By understanding the advantages and disadvantages of cloud storage, companies can evaluate solutions and make the best choice for their needs.

Advantage: Accessibility

Files stored in the cloud are easily accessible from anywhere and at any time. This is especially useful for businesses with distributed teams or remote and hybrid work environments, which is why industry experts predict that the enterprise cloud storage market will grow by nearly 15% by 2024.

Authorized users can access stored data using their preferred device, such as a desktop computer, tablet, laptop, or smartphone. This eliminates the need to manually transfer updated files from one device to the other, which is inefficient and increases the likelihood of users working on out-of-date files.

Disadvantage: Security Concerns

When your company opts for cloud storage, you are handing your sensitive business data to a third-party service provider. Therefore, it is important to carefully evaluate service providers to ensure that they can keep your information secure. Security concerns are especially prevalent with public cloud deployments, which are prone to misconfigurations of their security and compliance features.

The appropriate configuration of security settings and access to storage inventory is critical to limiting data vulnerabilities. According to a recent cloud security report, 90% of organizations have cloud misconfigurations that leave them vulnerable to security breaches. Choose enterprise cloud storage solutions that can provide written assurances regarding how the cloud provider stores data, monitors security, and responds to breach events.

Advantage: Scalability

Enterprise cloud storage solutions enable your company to scale storage requirements based on your organizational needs. On-premises datacenters, however, may require an expensive investment into additional equipment and staff to meet increased storage requirements. This also makes it difficult to scale down on-premises storage solutions because doing so does not release your business from its original payment agreements.

With cloud storage, you pay for what you need and can easily scale up or down in response to changing circumstances. These changes can be made almost immediately without needing to purchase additional equipment, hardware, or software.

Disadvantage: Breaches and Leaks

As data moves between cloud storage and the user’s device or system, it is vulnerable to external attacks. The internet is not completely secure, and there are numerous existing vulnerabilities that can be exploited. In the first quarter of 2020, external threats to cloud services grew 630%, highlighting the need for secure data storage and transfer.

You can reduce the threat of external attacks by encrypting data when it is stored in the cloud and in-transit from one destination to another. Encrypted files give you the ability to control user access and monitor system activity. By maintaining visibility over your storage environment, you are better positioned to quickly identify and mitigate security risks.

Advantage: Disaster Recovery

Data stored in the cloud is backed up multiple times on servers in datacenters around the world. Building redundancy into data storage ensures that your data is safe in the event a server or entire datacenter is compromised. There is no single point of failure, and you can easily retrieve another copy of your data through an internet connection.

Because cloud service providers store identical copies of your data in several locations, your company can implement the 3-2-1 rule of secure backups. This is a key component in your company’s backup and recovery plan in which you have three copies of your data on at least two separate media, and at least one backup at an off-site storage location.

How do companies benefit from enterprise cloud storage solutions?

In highly regulated industries, security is a critical component of cloud storage solutions. Fortunately, enterprise storage solutions often feature advanced security elements such as encryption, policy-based data retention, encryption key management, and detailed user logs.

For most organizations, applicable compliance requirements include the following:

  • General Data Protection Regulation (GDPR). The GDPR deals with the protection and privacy of personal data. Companies must ensure that their CSP’s data protection services are compliant with GDPR guidelines. Under GDPR, you can be held responsible if your cloud storage provider violates GDPR standards, which is why enterprise CSPs provide additional levels of administrative and security features not found in consumer-grade solutions.

  • Health Insurance Portability and Accountability Act (HIPAA). HIPAA protects the privacy and confidentiality of an individual’s Protected Health Information (PHI). A key HIPAA requirement for data protection is the offsite storage of data backups. If your data is stored in the cloud, you will need to store backup copies in a different location, such as another cloud storage solution or an on-premises server. Backups must also be encrypted both in transit and at rest, so they cannot be placed in unencrypted storage environments.

  • Sarbanes-Oxley Act (SOX). In the US, all public companies must comply with SOX to protect the general public from errors and fraudulent practices (certain provisions also apply to privately held companies). Enterprise cloud storage solutions often have strong security measures in place for SOX compliance, such as access controls, encryption, and user authentication systems.

  • Gramm-Leach-Bliley Act (GLBA). The GLBA requires financial institutions to protect the confidentiality of their customers’ personally identifiable information (PII). Its rules also apply to a company’s service providers and third-party affiliates, including cloud storage providers.

Enhance Your Cloud Security with WinZip Enterprise

Despite the benefits of cloud storage, it is not without its security risks. In fact, according to a 2020 cybersecurity study, the top concerns for cloud storage solutions include (but are not limited to) the following:

  • Security misconfigurations.
  • Lack of visibility into access and activities.
  • Excessive user permissions.

These security concerns are well-founded since more than 79% of the surveyed companies had experienced a data breach in the last 18 months. Of those respondents, many were in highly-regulated industries such as finance, health, and government organizations.

For enhanced data protection, many businesses look to WinZip® Enterprise to simplify their file encryption processes. WinZip Enterprise’s AES encryption offers unsurpassed, military-grade protection that is leveraged by highly regulated companies handling sensitive data, including the financial services, insurance, healthcare, and defense and government sectors.

Discover how WinZip Enterprise simplifies cloud enterprise storage solutions and adds a layer of compression and security to your data files.

How to send zip files in Gmail 

According to industry statistics, Gmail is the most popular email technology platform in countries around the world. With more than 1.8 billion active users worldwide, around 27% of emails are opened in a Gmail inbox.

One of Gmail’s basic functionalities is the ability to send files and folders as attachments. However, there is a lot more to using Gmail’s file attachment dialog than just clicking on the paperclip icon and hitting send.

For instance:

  • How big of a file/folder can you send?
  • How big of a file can the person you’re emailing receive?
  • What happens if the file is too big?
  • What kinds of files can you attach?

In this article, we’ll answer those questions and more, as we outline the process of how to send Zip files in Gmail and how a solution like WinZip® Enterprise can help circumvent problems such as attachment size limits or blocking attachments.

Why You Might Need to Send Zip Files via Gmail

Gmail has a 25 MB (megabyte) file limit for attachments. This means no single attachment can be greater than 25 MB in size, and if you have multiple attachments, their combined size cannot exceed the 25 MB limit.

Most audio and video files, as well as large PDF documents, will be too large to attach to a message sent via Gmail. To further complicate matters, attachments are encoded, which also slightly increases the file size.

Attachments that exceed 25 MB are automatically stored in Google Drive, and your email will contain an embedded link to the file’s location in Google Drive. However, this option can present issues for the recipient, such as admin-level restrictions on who can share and access which files.

Zipping a file can reduce your attachment file size, so Gmail doesn’t shunt it off into Google Drive for the receiver to have to chase down. You also don’t have to bother adding recipients to your Google Drive folder to make sure they have the proper permissions to retrieve and open it. Your Gmail recipient can quickly and securely download your Zip files right from your email.

The Zip compression format is used to reduce the overall file size without impacting the original data quality. A Zip file can hold one or more compressed files, which transfer faster and take up less storage space.

On average, 28% of work time is spent on email. Most working professionals send a minimum of 40 emails a day. Every time the sender or the receiver must leave their email platform to deal with a file or attachment, it cuts into productivity.

That loss of productivity becomes even more evident when you multiply it by the number of employees in an enterprise. (For example, 1,000 employees equals 40,000 emails a day.)

What Is a ZIP File and How Does Compression Work?

Zip is an archive format that makes it easier and quicker to send (and store) large files or groups of files by compressing them. Compressing and storing a collection of data of various types in a single file creates an archive file.

Zip files are trusted, convenient, and a truly unique type of file because they can contain files with hundreds of different file extensions. They are not limited to any one type of data and each file is compressed individually.

There are two ways to compress files: lossy and lossless. Zip files are lossless. That means when you zip them, and then unzip them, there’s no degradation of the data. The data is restored to the same state it was in when you originally compressed it.

How is a Zip file able to do that? Each byte of data in a file isn’t unique. In fact, much of it is redundant. Depending on the type of file, algorithms can eliminate some of that redundancy. For instance:

  • Text files, text style database files, and BMP format pictures can be compressed by 90% or more.

  • Audio files such as MP3s can be compressed by 15-20% without impacting sound quality.

  • Image files such as JPEGs can be compressed by 20-25% without compromising photo quality or data integrity.

  • Program files can be compressed by 50%.

Instead of many representations of the same piece of data, you are left with just one. For instance, lossless file compression is like taking this data string, AAABBBBBCC, and compressing its redundancies down to this smaller data string, A3B5C2.

It’s the same data, but it has been streamlined so it takes up less space. The numbers correspond to the number of times that the previous letter repeats. This way, when you decompress (unzip/open/extract), your file has instructions for how to return to its original state—with no loss of data. That’s why it’s called “lossless.”
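The run-length scheme described above, with its round trip back to the original string, as an added example that is not from the original article. The function names and sample inputs are constructed; the comparison uses Python's zlib, which implements DEFLATE (the compression method most Zip files use), to show how much redundant data shrinks compared with data that has no redundancy.

```python
import hashlib
import re
import zlib


def rle_encode(text: str) -> str:
    """Run-length encode text: each run becomes <character><count>."""
    if any(ch.isdigit() for ch in text):
        # Digits in the input would be indistinguishable from run counts.
        raise ValueError("this toy scheme cannot encode digits")
    out = []
    i = 0
    while i < len(text):
        j = i
        while j < len(text) and text[j] == text[i]:
            j += 1
        out.append(f"{text[i]}{j - i}")
        i = j
    return "".join(out)


def rle_decode(encoded: str) -> str:
    """Invert rle_encode by expanding every <character><count> pair."""
    pairs = re.findall(r"(\D)(\d+)", encoded)
    if "".join(ch + n for ch, n in pairs) != encoded:
        raise ValueError("malformed run-length data")
    return "".join(ch * int(n) for ch, n in pairs)


def deflate_ratio(data: bytes) -> float:
    """Return compressed size divided by original size under DEFLATE."""
    packed = zlib.compress(data, 9)
    if zlib.decompress(packed) != data:
        raise RuntimeError("round trip failed; compression was not lossless")
    return len(packed) / len(data)


# Constructed inputs: highly redundant text, and hash output with no
# redundancy for the compressor to remove.
REDUNDANT = b"quarterly report line\n" * 200
HIGH_ENTROPY = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))

if __name__ == "__main__":
    print(rle_encode("AAABBBBBCC"), rle_decode("A3B5C2"))
    print(f"redundant: {deflate_ratio(REDUNDANT):.3f}")
    print(f"high entropy: {deflate_ratio(HIGH_ENTROPY):.3f}")
```

Note that a string with no repeats, such as ABC, grows to A1B1C1 under this scheme, and the high-entropy input does not shrink under DEFLATE either.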

By compressing email attachments into a Zip file, you can:

  • Send more files/folders containing a wide mix of file types.

  • Avoid having to create and send multiple additional emails.

  • Upload your files more quickly and provide a faster download for your email recipient, reducing the risk of the server timing out if the sender or receiver has low bandwidth.

  • Stop wasting time trying to find workarounds for those recipients whose email platform attachment size limit is even less than Gmail’s 25 MB.

  • Save storage space (and therefore money) for you, your organization, and your message recipient.

How to Send Zip Files in Gmail

There are several ways to send Zip files via Gmail, including using solutions such as WinZip Enterprise or your device’s built-in functionalities.

Method One: On a Windows PC

  1. On your PC, navigate to where the files you would like to send are located, such as your desktop, documents folder, or cloud storage.

  2. Select the file or files you want to compress, right-click, and select the “Compress to Zip file” option in the menu that appears. This will generate a Zip file in the same location as your chosen documents.

  3. Rename the Zip file, if needed, and then navigate to your Gmail account.

  4. Click the “Compose” button to create a new email.

  5. Enter the recipient’s email address, a subject line, and any content you want to include in the email message.

  6. Click the paperclip icon in the bottom menu ribbon of your email and then navigate to the Zip file’s location on your PC.

  7. Double-click the Zip file name to attach it to your email.

  8. Click “Send” to transmit the Zip file as a standard email attachment.

Method Two: Within the WinZip Enterprise Platform

  1. Open WinZip Enterprise.

  2. Find and select the file(s) and/or folder(s) you want to zip. These files might be stored on your PC, network, or in the cloud depending on your storage choices and available solutions.

  3. In the Files pane, click the Add to Zip button.

  4. In the Actions pane, click Save as.

  5. Choose the target location for your file, give it a name, and click Save.

  6. Compose the email message in Gmail. Then, click the paperclip icon and select Attach files.

  7. Navigate to the file’s target location and select the Zip file.

  8. Repeat the Attach files process, if needed, to add more files.

  9. Send the Zip file as a normal attachment.

How WinZip Enterprise Enhances and Simplifies Sending ZIP Files

While you can always zip and send files directly through your device’s folder window, WinZip Enterprise enhances data security through file-level encryption and password protection. This process is essential when sharing sensitive data, such as internal resources, confidential information, and any data subject to legal and regulatory requirements.

WinZip Enterprise also helps companies avoid file blocking issues when sending emails with file attachments. Gmail blocks messages that may spread viruses, especially messages that include executable files, certain links, or certain file extensions.

If you see, “This message was blocked because its content presents a potential security issue,” your attachment likely contains a prohibited file type. The blocked formats in Gmail include (but are not limited to) the following:

  • .ade
  • .appx
  • .cmd
  • .dmg
  • .exe
  • .iso
  • .msp
  • .nsh
  • .rar
  • .sys
  • .vbs
  • .wsc

Even if you have taken steps to compress files into a Zip file, Gmail will block the attachment if it detects a prohibited file format within the archive file. WinZip Enterprise gives you options for navigating file blocking, such as configuring file extension options using WinZip Courier. To do so, you can modify the attachment options and use custom file extensions, such as changing a .zip file to .zea for “zipped email attachment.”
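A check of an archive's members against the extensions listed above, of the kind a sender or a mail gateway could run before a message goes out, as an added example (not Gmail's or WinZip's code). The function names, limits, and sample archive are constructed assumptions, and the extension set is only the partial list from this page.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Only the extensions listed on this page; Gmail's real list is longer.
BLOCKED = {".ade", ".appx", ".cmd", ".dmg", ".exe", ".iso",
           ".msp", ".nsh", ".rar", ".sys", ".vbs", ".wsc"}
MAX_DEPTH = 3                   # assumed cap on nested-archive recursion
MAX_MEMBER_BYTES = 50 * 2**20   # assumed size cap before opening a nested zip


def find_blocked(data: bytes, prefix: str = "", depth: int = 0) -> list[str]:
    """Return paths of members with a blocked extension, descending into nested zips."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            path = f"{prefix}{info.filename}"
            # Only the final suffix counts, so "invoice.pdf.exe" is caught.
            ext = PurePosixPath(info.filename).suffix.lower()
            if ext in BLOCKED:
                hits.append(path)
            elif ext == ".zip":
                if depth >= MAX_DEPTH or info.file_size > MAX_MEMBER_BYTES:
                    hits.append(path + " (nested archive not inspected)")
                elif info.flag_bits & 0x1:  # bit 0 set: member is encrypted
                    hits.append(path + " (encrypted, not inspected)")
                else:
                    try:
                        nested = zf.read(info)
                        hits.extend(find_blocked(nested, path + "!/", depth + 1))
                    except zipfile.BadZipFile:
                        hits.append(path + " (not a valid zip, not inspected)")
    return hits


def build_sample() -> bytes:
    """Constructed sample: a zip holding a document, a script, and a nested zip."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as zf:
        zf.writestr("tools/Setup.EXE", b"constructed placeholder bytes")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("docs/report.txt", b"quarterly numbers\n")
        zf.writestr("scripts/login.vbs", b"' constructed placeholder\n")
        zf.writestr("bundle.zip", inner.getvalue())
    return outer.getvalue()


if __name__ == "__main__":
    for hit in find_blocked(build_sample()):
        print("blocked:", hit)
```

Members that cannot be inspected are reported rather than silently passed, so a reviewer can decide what to do with them.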

Now that you understand how to create and send Zip files via Gmail and how solutions such as WinZip Enterprise can simplify that process, it’s time to experience it for yourself.

Learn how to use WinZip Enterprise to quickly and easily send ZIP files in Gmail.

What Is Data Exfiltration and What Does It Mean for Your Business? 

WinZip Blog


Data exfiltration is big business for cybercriminals and a significant problem for any company that finds itself the victim of an attack. Any unauthorized movement of data is considered data exfiltration, which is also known as data extrusion, exportation, or theft.

Malicious actors that copy, transfer, or retrieve sensitive data without authorization might be outside attackers or malevolent insiders. To adequately address these threats, it is important to understand not just what data exfiltration is, but how to prevent such attacks through increased security measures.

How Is Data Taken?

Data is exfiltrated through three common attack vectors:

  • Unintentional employee errors
  • Intentional insider attacks
  • Outsider targeted attacks

Both intentional and accidental insider actions account for 43% of data exfiltration events, with the rest attributed to outside actors. These outside actors include hackers, malware creators, and organized crime units, among others.

Cybercriminals often use phishing techniques to gain and exploit system access. In fact, phishing scams were listed in the top three internet crimes reported to the FBI in 2020. A ubiquitous method to steal organizational data, phishing attacks use emails that look legitimate and appear to be from a trusted sender, but these messages contain malicious links or attachments that threaten your cybersecurity.

Additional vectors of data extrusion include the following:

  • Network breaches. Attackers can gain remote access to your data assets by exploiting access vulnerabilities, such as weak passwords, compromised user credentials, or brute-force techniques.

  • Physical media. Around 40% of data exfiltration events involve physical media, such as downloading data to an insecure USB stick or stealing a laptop that holds sensitive information.

  • Cloud storage. Close to 70% of companies that store data in the cloud have experienced a breach and data exposure is the second most common issue with cloud security.

Once the attacker has access to your system, they can peruse the network looking for sensitive data and critical assets. The most common way to execute the unauthorized data transfer is to set up a shell communication channel. This channel facilitates remote interaction between the attacker’s command-and-control (C2) server and the compromised host network.

The C2 server is configured to respond to a predetermined protocol, which initiates the data transfer from the victim’s device to the attacker’s server. Common protocols used for data exfiltration include:

  • Hypertext Transfer Protocol (HTTP). The HTTP protocol is commonly used on most networks, making it a prime choice for attackers. With the high volume of HTTP traffic that flows through enterprise networks, malicious actors can transfer sensitive data without being noticed.

  • File Transfer Protocol (FTP). The FTP protocol is essential for transferring large files online. It does not use encryption and instead relies on plain text usernames and passwords for access authentication. An attacker can exfiltrate data if your outbound FTP connections are not monitored or protected by a firewall.

  • Domain Name System (DNS) protocol. The DNS protocol facilitates communication between internal networks and the internet and translates domain names into IP addresses. Attackers use a process known as DNS tunneling to reroute DNS queries to the attacker’s server, creating a data exfiltration path for unauthorized file transfer.
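One way a defender might look for the DNS tunneling pattern described above in resolver logs, as an added example that is not from the original article. The log format, the thresholds, and the tunnel-demo.invalid domain are constructed assumptions; the heuristic flags a client that sends many distinct, long, high-entropy subdomains to a single parent domain.

```python
import hashlib
import math
from collections import Counter, defaultdict

MIN_UNIQUE = 10     # assumed threshold: distinct subdomains per client and domain
MIN_MEAN_LEN = 30   # assumed threshold: mean subdomain length in characters
MIN_ENTROPY = 3.0   # assumed threshold: mean Shannon entropy, bits per character


def entropy(s: str) -> float:
    """Shannon entropy of the characters in s, in bits per character."""
    counts = Counter(s)
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())


def split_name(qname: str) -> tuple[str, str]:
    """Split a query name into (subdomain, parent domain).

    Naive assumption: the parent is the last two labels. A production
    version would use the Public Suffix List instead.
    """
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[:-2]), ".".join(labels[-2:])


def find_tunnel_suspects(log_lines):
    """Return {(client, parent): stats} for pairs whose queries look like tunneling."""
    seen = defaultdict(set)
    for line in log_lines:
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        client, qname, _qtype = parts
        sub, parent = split_name(qname)
        if sub:
            seen[(client, parent)].add(sub)
    suspects = {}
    for key, subs in seen.items():
        mean_len = sum(map(len, subs)) / len(subs)
        mean_ent = sum(entropy(s.replace(".", "")) for s in subs) / len(subs)
        if (len(subs) >= MIN_UNIQUE and mean_len >= MIN_MEAN_LEN
                and mean_ent >= MIN_ENTROPY):
            suspects[key] = {"unique": len(subs), "mean_len": round(mean_len, 1),
                             "mean_entropy": round(mean_ent, 2)}
    return suspects


def build_sample_log():
    """Constructed log lines in the form '<client> <query name> <type>'."""
    lines = [f"10.0.0.5 {h}.example.com A" for h in ("www", "mail", "intranet", "vpn")]
    # Many distinct but short, ordinary hostnames: should not be flagged.
    lines += [f"10.0.0.7 host{i}.corp.example.net A" for i in range(15)]
    # Constructed stand-in for encoded data: 40 hex characters per label.
    for i in range(20):
        label = hashlib.sha256(bytes([i])).hexdigest()[:40]
        lines.append(f"10.0.0.9 {label}.t.tunnel-demo.invalid TXT")
    return lines


if __name__ == "__main__":
    for key, stats in find_tunnel_suspects(build_sample_log()).items():
        print(key, stats)
```

The client with 15 short hostnames under one domain is not flagged, which shows why the count of distinct subdomains alone is not a sufficient signal.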

Security Risks Associated with Data Exfiltration

Data exfiltration is difficult to detect because it often mimics normal network traffic while moving data outside the company network. Should an incident go unnoticed until after the attacker has successfully exfiltrated your data, it could result in significant data losses.

Organizations with high-value data are at an increased risk of falling victim to data exfiltration. Examples of high-value data include, but are not limited to, the following:

  • Personal information about customers, clients, or employees.

  • Confidential enterprise information, including intellectual property, strategy documents, and proprietary technology.

  • Financial information such as payment card data and bank account details.

Data exfiltration’s consequences are not just limited to data loss. It also leads to lost customer trust, reputational damage, and regulatory fines.

For example, the loss of proprietary information impacts your competitive advantage in the market. If sensitive personal information is compromised, your company can lose your customers’ trust and new customers may hesitate to work with you in the future.

The theft of personal data also opens your organization up to hefty fines for failing to comply with privacy regulations. For example, under the European Union’s (EU’s) General Data Protection Regulation (GDPR), the theft of personal data from an organization required to properly protect that data could lead to fines of up to 20 million euros (approximately $22 million USD).

In addition to the security risks associated with data loss, exfiltration events often occur in tandem with ransomware attacks. This form of cybercrime is known as double extortion because malicious actors first exfiltrate sensitive data before encrypting files and holding them for ransom, or launching the ransomware payload.

A double extortion attack means that should a company refuse to pay the ransom to have their files decrypted and returned to them, the cybercriminals can simply leak or sell the data on the dark web. During the first half of 2021, almost 80% of all ransomware events involved data exfiltration.

Threat actors are backing their ransomware attacks with data exfiltration in response to victims refusing to pay ransoms. Their unauthorized data transfer gives attackers extra assurance that they will profit from their efforts.

Even if the organization refuses to meet their demands, the cybercriminals can leverage the exfiltrated data. They can extort the company for even more money than the original demand or release the data on the dark web where it can be sold for a profit.

Data Exfiltration Is a Growing Threat

Data exfiltration is one of the fastest growing cyberthreats today, especially when it comes to using double extortion as a key technique in ransomware attacks. By the end of 2020, around 40% of known ransomware groups had data exfiltration capabilities.

Interestingly, double extortion has increased in popularity amongst cybercriminals in response to better data backup practices. Because companies have improved their processes for backing up data and devices, the threat of losing data if they do not pay a ransom in exchange for the decryption key is not as powerful.

Double extortion enables cybercriminals to encrypt and exfiltrate data, pressuring the victims into paying the attacker one way or another. In fact, the cost of cyber-extortion and ransom claims doubles when attackers exfiltrate data.

A key area of concern is the growth and proliferation of ransomware-as-a-service (RaaS) product offerings. This is pay-for-use malware that can be used by people with limited technical skill to extort stolen data. In a typical RaaS environment, the malware developer keeps a portion of the ransom, with the majority of the profits going to its affiliates.

For example, BlackCat is a RaaS solution in which threat actors pay RaaS operators to launch a ransomware attack. Since first appearing on the threat landscape in November 2021, BlackCat attacks have compromised companies all over the world, demanding ransoms as large as $3 million.

In February of 2022, Expeditors International was a victim of BlackCat ransomware, which forced the company to shut down its systems to investigate and remediate the attack. Because Expeditors is part of the shipping supply chain, this event impacted shipping processes when Expeditors’ systems were taken offline.

BlackCat differs from other RaaS offerings because it not only exfiltrates sensitive data and encrypts systems—it also launches a distributed denial-of-service (DDoS) attack if the victim does not meet its demands. Double extortion with the added threat of a DDoS attack gives RaaS operators greater leverage in negotiating ransom payments.

How Secure File Storage and Sharing Combats Data Exfiltration

Comprehensive security strategies help prevent data exfiltration. A secure file storage and sharing system empowers IT teams with administrative controls over access privileges, encryption requirements, and other data management tools.

Secure file storage and sharing solutions employ permission-based user roles to control who can access what data. By granting access only to what is necessary for an individual’s job functions, the principle of least privilege (POLP) minimizes the attack surface in which data exfiltration can occur.

To ensure that the POLP still applies, IT teams should conduct regular, scheduled reviews of file storage and user activity. The frequency of these reviews will vary depending on system size and asset risk, ranging from monthly reviews of high-risk assets to annual reviews of low-risk systems.

Strong encryption protocols are needed to fend off malicious actors seeking to exfiltrate your data. Should cybercriminals access your system, they will be unable to read or understand information without the proper decryption key. Encrypting files both while at rest and in transit ensures end-to-end data protection, preventing unauthorized access to sensitive information.

File storage and sharing solutions include features to increase data visibility and security. When IT administrators can monitor movement of files and data, they are better positioned to identify anomalous or unusual behavior that could indicate data theft. For example, the following warning signs could indicate unauthorized insider activity:

  • Turning off or not using security controls, such as encryption or multi-factor authentication.
  • Accessing and/or downloading large volumes of data.
  • Accessing data or applications that are not relevant to the person’s job role.
  • Searching for security vulnerabilities, such as circumventing access controls.
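A review pass over file-access audit events that checks for three of the warning signs listed above (disabled security controls, large download volumes, and access outside the person's role), as an added example that is not from the original article or any product. The event format, the role-to-folder mapping, and the 500 MiB threshold are constructed assumptions.

```python
from collections import defaultdict

# Assumed role-to-folder mapping that expresses least privilege.
ROLE_PATHS = {
    "finance": ("/finance/",),
    "engineering": ("/eng/",),
    "hr": ("/hr/",),
}
BULK_BYTES = 500 * 2**20  # assumed per-user download threshold (500 MiB)

# Constructed audit events: user, role, action, target, bytes transferred.
EVENTS = [
    ("alice", "finance", "download", "/finance/q3.xlsx", 2 * 2**20),
    ("alice", "finance", "read", "/finance/budget.docx", 0),
    ("bob", "engineering", "download", "/eng/design.zip", 300 * 2**20),
    ("bob", "engineering", "download", "/eng/source.zip", 350 * 2**20),
    ("carol", "hr", "read", "/finance/payroll.xlsx", 0),
    ("dave", "engineering", "disable_control", "mfa", 0),
]


def review(events):
    """Return {user: sorted list of warning signs} for the given audit events."""
    findings = defaultdict(set)
    downloaded = defaultdict(int)
    for user, role, action, target, size in events:
        if action == "disable_control":
            findings[user].add(f"security control disabled: {target}")
            continue
        # An unknown role maps to an empty tuple, so every path is flagged
        # (fail closed) instead of being silently allowed.
        if not target.startswith(ROLE_PATHS.get(role, ())):
            findings[user].add(f"access outside role: {target}")
        if action == "download":
            downloaded[user] += size
    # Volume is judged on the total, so several mid-sized downloads that
    # individually look normal are still caught.
    for user, total in downloaded.items():
        if total > BULK_BYTES:
            findings[user].add(f"bulk download: {total // 2**20} MiB")
    return {user: sorted(signs) for user, signs in findings.items()}


if __name__ == "__main__":
    for user, signs in review(EVENTS).items():
        print(user, signs)
```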

WinZip Enterprise Increases Security and Helps Prevent Data Exfiltration Attacks

WinZip® Enterprise secures, manages, and protects sensitive business data. This fully customizable solution empowers IT admins with streamlined controls over user access, encryption standards, and protocols regarding the storage and sharing of information.

Detecting and stopping data exfiltration is key to eliminating data loss. Therefore, solutions like WinZip Enterprise are essential because they provide file tracking, which records every instance of a file being moved, edited, or deleted. These insights help organizations review system activity and identify both insider attacks and external threats.

For unsurpassed protection of data at rest and in transit, WinZip Enterprise leverages military-grade AES encryption. This keeps files safe whether they are in storage or being shared, preventing unauthorized access and the costly unauthorized data transfers that can result in extortion or worse.

Explore how WinZip Enterprise can help your company prevent data exfiltration attacks and increase security measures.


Copyright ©2023 Corel Corporation. All Rights Reserved. WinZip is a Registered Trademark of Corel Corporation