A strong cybersecurity defense against data breaches is a survival factor

Home delivery, online banking, mobile wallets, e-learning, virtual school, work from home, and even online passport processes or vaccination registrations: the flip side of this convenience is data breaches and cybercrime. A study shows that there has been a 90 to 100 percent rise in Account Take Over (ATO) attempts this year, resulting from serious data security breaches at major brands in EdTech, OTT platforms, and e-commerce applications.

Data breaches

Several major incidents this year alone have raised concerns about the vulnerability of personal data and about where the responsibility for protecting it lies. According to a report by a data protection company, more data was stolen in January 2021 than in all of 2017. An example that resonates with most people is that of Facebook, where the personal data of more than 533 million users globally was posted to a low-level hacking forum. In May, a cyber-attack at Air India leaked the details of about 45 lakh passengers, including their names, birthdays, contact and passport information, flight details, and credit card information.

In any data breach, hackers target personally identifiable information (PII), which they sell on the dark web. Large enterprises and business-to-consumer (B2C) goods and services applications or websites are a prime target for hackers, as their large databases of credential data make for a lucrative deal. Buyers use this data for nefarious reasons. They sometimes target individuals for financial fraud and identity theft, and in some cases threaten their personal security. More often, they hold large enterprises to ransom or use the stolen data to gain a competitive advantage through stolen research or corporate spying. Bitcoin theft is currently another motivation for hackers, as the value of a single Bitcoin is around 40,000 USD. Verizon’s 2021 Data Breach Investigations Report (2021 DBIR) found that 61 percent of breaches involve credential data and that, in the Asia Pacific, most of these breaches were financially motivated. “Social engineering, hacking and malware continue to be the favored tools utilized by actors in this region,” according to the report.

Companies are aware of the increasing cybersecurity risks from virtualization and the cloud, and consider data breaches to be the most critical organizational risk today. The impacts of data breaches are significant, ranging from intellectual property (IP) theft to loss of reputation, markets or customers, and financial losses. The way to counter the activities of malicious hackers is for the industry to collectively fortify data protection and cybersecurity practices. This can only happen if companies learn from the mistakes of others and treat every data breach as an opportunity to strengthen defenses.

A strong defense against data breaches is three-fold, centered on systems, processes, and people. Most data breaches occur because stored information is not well protected. At the system level, a robust storage strategy combining on-premises and cloud, along with plans for data backups and data recovery, can protect against loss of data. Measures such as encryption and firewalls protect against potential attacks. Enterprises need strong policies and processes to implement the data protection plan and to address actions at an individual level. Strict authentication and authorization are the first level of protection against threats that target individual users. A zero-trust approach is a best practice, where companies deny and disable all user rights by default and grant access only on request, based on use cases, policies and processes. Such access cannot be granted once and left in place; companies must review it on a monthly or quarterly basis and revoke all authorizations that are not approved. With employees working from home, protecting users’ laptops with firewalls and constantly spreading awareness of best practices such as password management and recognizing phishing and social engineering are important.
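The deny-by-default and periodic-review practice described above can be sketched as a small access register. This is an added example, not code from the article; the 90-day review period, the class and field names, and the users and resources are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from datetime import date, timedelta

REVIEW_PERIOD = timedelta(days=90)  # assumption: quarterly review cycle


@dataclass
class Grant:
    user: str
    resource: str
    use_case: str
    approved_on: date  # date of the most recent approval or re-approval


@dataclass
class AccessRegister:
    grants: dict = field(default_factory=dict)  # (user, resource) -> Grant

    def approve(self, user, resource, use_case, today):
        """Record a grant, or a re-approval, made on request for a stated use case."""
        self.grants[(user, resource)] = Grant(user, resource, use_case, today)

    def is_allowed(self, user, resource, today):
        """Default deny: allow only with a grant whose approval is still current."""
        grant = self.grants.get((user, resource))
        return grant is not None and today - grant.approved_on <= REVIEW_PERIOD

    def review(self, today):
        """Periodic sweep: revoke every grant not re-approved within the period."""
        stale = [k for k, g in self.grants.items()
                 if today - g.approved_on > REVIEW_PERIOD]
        revoked = [self.grants.pop(k) for k in stale]
        return sorted((g.user, g.resource) for g in revoked)


def demo():
    """Constructed scenario: one grant left to go stale, one re-approved in time."""
    reg = AccessRegister()
    reg.approve("asha", "payroll-db", "month-end close", date(2021, 1, 4))
    reg.approve("ravi", "crm", "support tickets", date(2021, 1, 4))
    reg.approve("ravi", "crm", "support tickets", date(2021, 4, 1))  # re-approved
    today = date(2021, 5, 1)
    return {
        "no_grant": reg.is_allowed("asha", "crm", today),       # never requested
        "stale": reg.is_allowed("asha", "payroll-db", today),   # review overdue
        "current": reg.is_allowed("ravi", "crm", today),
        "revoked": reg.review(today),
        "remaining": sorted(reg.grants),
    }


if __name__ == "__main__":
    print(demo())
```

A stale grant is refused by `is_allowed` even before the review sweep runs, so a missed review fails closed rather than open.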

One practice that stands a company in good stead and helps create robust data protection is logging. After a data breach, time and resources are most often spent identifying its source. A security logging program can capture events such as system startups and shutdowns, connections to networks, logins to applications, unsuccessful login attempts, successful and failed authentication attempts, as well as email and web activity. This forms a source of auditable data that can help identify the source of a breach, and also predict and prevent data breaches. Logs can help an organization establish baselines for trends and support forensic analysis. Maintaining, monitoring, and analyzing security logs can help companies form a strong predictive defense against hackers and prevent data breaches. The world over, data is being targeted relentlessly. The Global Risk Report 2021, produced by the World Economic Forum, lists cyber security failure in the top 10 risks that are most likely to happen. With work from home here to stay and companies either migrating to the cloud or being born in the cloud, data protection is now a basic operational element for every business to survive.
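The use of login logs to establish a baseline and spot account takeover attempts, as described above, can be shown over a few log lines. This is an added example, not code from the article; the log format, the baseline counts, the thresholds and the sample lines are all constructed for illustration.

```python
import re
from collections import Counter
from statistics import mean, pstdev

# Assumed log format: "<ISO timestamp> <event> user=<name> src=<address>"
LINE = re.compile(
    r"^(?P<ts>\S+) (?P<event>login_ok|login_failed) user=(?P<user>\S+) src=(?P<src>\S+)$"
)

# Constructed history: failed logins per hour during a normal period.
BASELINE = [2, 3, 1, 4, 2, 3, 2, 3]

# Constructed sample: one routine mistyped password, one malformed line,
# then a burst of failures on one account followed by a successful login.
SAMPLE = (
    ["2021-06-01T09:05:00Z login_failed user=ravi src=198.51.100.20",
     "2021-06-01T09:05:30Z login_ok user=ravi src=198.51.100.20",
     "corrupted line without fields"]
    + [f"2021-06-01T10:00:{s:02d}Z login_failed user=asha src=203.0.113.7"
       for s in range(0, 60, 10)]
    + ["2021-06-01T10:01:05Z login_ok user=asha src=203.0.113.7"]
)


def parse(lines):
    """Yield (hour, event, user, src) for well-formed lines; skip the rest."""
    for line in lines:
        m = LINE.match(line.strip())
        if m:
            yield m["ts"][:13], m["event"], m["user"], m["src"]


def failed_per_hour(lines):
    return Counter(h for h, event, _, _ in parse(lines) if event == "login_failed")


def threshold(baseline_counts, k=3.0):
    """Alert level: mean plus k standard deviations of the hourly baseline."""
    return mean(baseline_counts) + k * pstdev(baseline_counts)


def flag_hours(lines, limit):
    """Hours whose failed-login count exceeds the baseline-derived limit."""
    return sorted(h for h, n in failed_per_hour(lines).items() if n > limit)


def success_after_failures(lines, min_failures=5):
    """(user, src) pairs that logged in after at least min_failures failures."""
    fails, hits = Counter(), set()
    for _, event, user, src in parse(lines):
        if event == "login_failed":
            fails[(user, src)] += 1
        else:
            if fails[(user, src)] >= min_failures:
                hits.add((user, src))
            fails[(user, src)] = 0  # a success resets the failure streak
    return sorted(hits)
```

The hourly threshold catches a spike in volume, while the success-after-failures check catches the case that matters most for forensics: a guessing run that ended with a working credential.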