ADVANCING TECHNOLOGY, DEGRADING PRIVACY?
If you were born during the age of technological evolution, I’m pretty sure at some point or another, you’d have made the common mistake of downloading a malware into your computer unknowingly which is commonly referred to as VIRUS. No, I am not talking about the Coronavirus which has completely shaken the world right now but something which has proven to be worrisome for the tech industry over a period of time.
Data Records and Data Theft
The question comes down to what data records exactly are?
Well, a data record is a small part of a database (a systematically organised piece of information).
Many data records make a data field, which eventually builds a database.
Data breach, as the name suggests, refers to the security incident in which information is accessed without authorization. Data thefts can hugely affect big businesses and even consumers in a variety of ways!
As technology is moving forward, more and more of our data and information is being uploaded on the digital network. As a result, cyber crimes have seen a huge jump in numbers in the past few years and are expected to keep rising.
Statistics
The number of lost or stolen data records varies around the world. We can even refer to data records as any piece of information which can put an individual or an organisation at risk. These can include email IDs, date of birth, medical records, credit card details and bank account credentials to name a few.
As seen in the above graph, India has been categorised in the 100mil to 1bil.
This is not a surprise when we think about it as India has the second-largest Internet population in the entire world with about 400 million internet users as of 2018. This definitely brings new vulnerabilities into our digital society.
With new schemes and plans to introduce more and more people of India to the Internet and a digital life, the Internet population in India is constantly rising.
Due to this, we have seen a huge jump in cyber crimes recently.
In 2018, there were over 27 thousand cases of cyber crimes recorded in the country, marking an increase of over 121 percent compared to the number of cases just two years back. The crimes range from the petty online frauds like lottery and scams to even sexual harassment. However, the most targeted crimes were seen to be in the banking and the financial sectors.
Does Our Data and the New Technology Go Hand in Hand?
Now that we have moved into 2020, the new age for technology is just around the corner. The question that stands out is, are we really prepared to counter all the new vulnerabilities which are going to come along with it?
Nowadays, we hear a lot about 5G, artificial intelligence(AI), cloud technology and machine learning. These technologies are going to be an integral part of our lives and businesses and will determine how the world runs in the future.
Though all these technologies are going to make our lives a bit easier and a lot more efficient, it will introduce many new challenges to our security.
With all these advancing technologies, more of our data and personal information is going to be online and thus, is going to be more vulnerable to the data breaches and leaks.
New ways to exploit?
- 5G and its cybersecurity vulnerabilities
- With the introduction of 5G, we are entering a completely new era of communication and innovative consumer services. As many people and organisations begin to adopt the 5G network and way of life, constant updates due to its software network characteristics will end up creating new vulnerabilities.
- As more people start using the 5G network, there would be a need to expand the bandwidth of 5G, which could help the experts who are looking to exploit such vulnerabilities. As bigger enterprises and cities start becoming 5G powered, the surface of attack would be on a larger scale and can prove to be worrisome.
- One problem which might surface itself in the early stages of adaptation to the 5G network can be the authorization and identification of these 5G networks. Access to certain information and systems can lead to huge leaks and losses and thus a no-trust policy can be adopted to protect the data for the time being.
2. AI and machine learning a threat?
- As the Machine Learning and Artificial Intelligence market grows, their applications in different business operations, firms, systems and other infrastructures would become a challenge to overcome.
- As these technologies are completely based upon the input data, there must be a thorough check of the input being given into that technology. For instance, data duping to corrupt the learning process of the Machine Learning algorithm can be induced to hamper the results.
- The working of the machine would be the same, however the end result given would be wrong and can cause losses worth millions to companies.
Ever wondered how hackers breach in?
We all know that hackers are known for their outstanding skills to enter various systems without an authorization. This is how our data is stolen and is then vulnerable to be misused. There are many ways a hacker can breach your data but let’s discuss the most common ways they can do so.
- Credential stuffing Risk level ~ High
Credential stuffing, also known as list cleaning and breach replay, is a means of testing databases or lists of stolen credentials — i.e., passwords and usernames — against multiple accounts to see if there’s a match.
Basically, a hacker would try to breach a site with poor security and then try finding the user credentials which can be passwords or even credit card credentials or any other important information, and then can sell them off at the dark web or an underground forum.
As the majority of people use a single password for most of the sites, the hackers can thus gain access to all the other usernames and sites.
2. Phishing: Risk ~ high
Almost 70% of the cybercrimes begin with phishing related attacks. Hackers use phishing to extract the user credentials and data.
They do so either for their own use or to sell them on the dark web where it can be misused.
Phishing is a social engineering trick which attempts to trick users into supplying their credentials to what they believe is a genuine request from a legitimate site or vendor.
Typically, but not always, phishing occurs through emails which are attached with malware inducing links which help these hackers to enter the systems of the users. Fraudsters can also use fake forms to steal login credentials and other important information.
How do we stay protected?
Well to be really honest, the battle between the data defenders and data thieves has been described as a cat and mouse game. As soon as we get a new way to protect our data, there comes many more ways to breach it. As a result, it’s almost a never ending battle. Or is it?
Here are some innovations which can give an upper hand to our data defenders..
- User-behaviour analytics
Once someone’s username and password are compromised, whoever has them can waltz onto a network and engage in all kinds of malicious behavior. It is this behaviour which would trigger the red flag to the system defenders if the system is equipped with the User-Behavior Analytics (UBA).
In addition to this, the UBA can also be used to train employees to follow the company’s rules. This way, better security practices would be carried out and less human errors would be seen.
2. Hardware authentication
It is a well-known fact that passwords and usernames used by a majority of data users are weak. This makes it easy for hackers to get access to the information systems and compromise sensitive data of a business entity or government agency.
Hardware authentication can be especially important when it comes to the Internet of Things (IoT), where the network of connected devices ensures that any device that seeks to be connected has the rights for connectivity to that particular network.
Although we are slowly making our transition into the digital way of life, we should be now more careful about our data leaks and breaches. We should all be alert whenever dealing online and should look out for hackers. As the saying goes, prevention is better than cure.
Also, we must keep looking for new innovative ideas which would help us prevent any further major data leaks. New technologies like UBA and hardware authorization have a huge role to play in strengthening our cyber security and preventing data leaks in the future. We must keep supporting new ideas but also keep in mind the consequences and vulnerabilities they can bring so that we are always one step ahead of the data stealers.
