Email Exfiltration of Sensitive Customer Data

Email Exfiltration of Sensitive Customer Data

Profile picture for user LukasVileikis
Lukas Vileikis
03 August 2021

These days, attacks on your data are happening left and right. Aside from the attacks we have mentioned in some of our previous blog posts (ransomware, etc.), one of the dangers is also email exfiltration of sensitive data in an organization. This sensitive data might include confidential company information, customer information, etc.

What is Email Exfiltration?

In general, data exfiltration is the act of unauthorized copying, transfer, or retrieval of sensitive company or other data from any server. Data exfiltration can also be done “by hand” meaning that sensitive documents can also get stolen from a company internally not even using the Internet. Email exfiltration, on the other hand, refers to the act of data exfiltration by using email measures.

Why is Email Exfiltration Dangerous?

Data exfiltration by email can be (and is) dangerous:

  • If targeted at employees that have access to sensitive customer data - if those employees can be somehow coerced to copy, transfer, or retrieve the most sensitive information from your company, you have a huge problem on your hands. Data exfiltration by email can be done quickly, anonymously, and relatively “safely” for the perpetrator - all he or she needs to do is just copy information he already has access to! It can be as simple as clicking a few buttons - yes, it is indeed that easy.
  • If it is not targeted at employees that have access to sensitive customer data - these employees can coerce other employees that might already have access to it, etc.
  • If used together with phishing or spear phishing scams - these attacks can be steps to obtain sensitive company data or install malicious software onto a computer or a network.
  • If done by former employees. Perhaps the former employees of your business may have been treated unfairly, perhaps they felt like they are being underpaid, perhaps they felt like they are doing much more work than everyone else, etc. - these are all factors that make the risk of data exfiltration bigger.

Protecting against Email Exfiltration by Backing Up Data

Thankfully, you can protect yourself (and your organisation) even if you are a target of an email exfiltration attack. A solution to all of these problems can be simply backing up your data - it can help quickly and easily recover after an attack or after a disruption that causes your data to be corrupted.

Backing up your data can be one of the most crucial steps to protect your organization before and after attacks happen - no matter how severe they are or what kind of attacks your organization is facing: be it ransomware, DoS or DDoS, or even data exfiltration.

Backing Up Data with Backup Ninja

Thankfully, there are solutions that can help you achieve your backup goals. One of those solutions is Backup Ninja - Backup Ninja can help you backup and restore your most crucial data stored inside of your database instances including MySQL, PostgreSQL, MariaDB, MongoDB, Percona, and TimescaleDB. To use the features Backup Ninja can offer, first log in to your account.

You will be instantly able to observe the status of your database servers - how many of them are running, how many of them are inactive, and how many of them failed during specific time periods:

Main Settings Page

However, what you are most likely interested in is the ability to back up (and restore) your data - simply click on Backups to observe a list of backups - you will be able to see their duration, what server they were taken on, their schedule information, backups can also be restored or deleted if you so desire:

Information

If you want to see a list of scheduled backups, simply click on the Schedules button:

Scheduling Backups

In this case, you can observe your backups, their method, when they were last executed and on what server, what is their schedule, etc. You are also able to view and run them.

If you want to schedule your backup, you can also do that. Select your backup method, type in your schedule name, select your backup server, and select if you want to perform full, partial or incremental backups, then click Continue.

Details

Now, select where you want to store your backups (backups can either be stored locally or in the cloud) - we are going to store them in the cloud, so we also need to select our cloud credentials, retention policy type,  and specify the retention length in days:

Where to Store Backups

Now, specify a name pattern you want to use for your backup, specify whether you want to use compression or not, and specify whether you need your data to be encrypted or not (encrypted backups are better for security purposes):

Name Pattern

Now, click Continue and finish scheduling your backup - define the time the backup will run (whether hourly, daily, monthly, weekly, or yearly, you can even specify the backup schedule in minutes if you so desire!):

When will the Backup run

That’s it - your backups should now be successfully scheduled and ready to go.

Summary

The email exfiltration of sensitive customer data is something that definitely needs your attention. While it is not an attack that should keep every business owner wide awake at night, knowing how to protect against such an attack now and in the future is absolutely invaluable for both you and your business. One of the most crucial points in order to protect against such an attack is the act of backing up your data - Backup Ninja can be your reliable partner in the process, since it can back up any kind of database instances ranging from MySQL, Percona, and MariaDB to TimescaleDB. If you are interested in what Backup Ninja can do for your business, make sure you give it a try.

Tags