Cybersecurity
According to the Notifiable Data Breaches report (NDB), several data breaches have occurred during the COVID-19 pandemic. According to the report, criminality is the leading cause of data breaches, followed by human error (Liu, Han, Wang, and Zhou, 2018). The increasing number of data breaches has been caused by COVID-19 policies and health practices, such as lockdown, leading to a rise in internet and information technology use (Cheng, Liu, and Yao, 2017). One hundred and fifty ransomware attacks have been reported in the past six months; forty-seven percent result from social engineering techniques. This paper discusses information security data breaches, why they happen, and how to prevent them.
A data breach is a security issue where a cybercriminal infiltrates a data source and steals valuable or sensitive information. A data breach is an operation that can be conducted remotely or physically and is aimed at compromising network security (Liu, Han, Wang, and Zhou, 2018). The operation follows four major processes chronologically: research, attack, social attack, and exfiltration. Cases of a data breach to date are an endless list: eBay, case, JP Morgan and Chase Bank, Target, Equifax, Timehop, and Yahoo.
Data breaches can be traced back to when companies started dealing with data through record keeping, for instance, keeping medical files and student registers. The frequency began in the mid-nineteenth century when cloud computing and the internet became fundamental in businesses. Awareness about data breaches began in the late nineteenth century and early twentieth century. Various compliance laws and standards, such as HIPAA and the PCI data security standards, were developed to help companies deal with data breach cases (Cheng, Liu, and Yao, 2017). The compliance regulations use various security standards, such as data storage regulations, rules for handling sensitive and valuable data, and data privacy rules, to ensure that companies are secure from data breaches.
Cases of data breaches have risen from 2005 to date due to technological innovations and workplace creativity. Saving data in electronic form, such as electronic health records, has increased the level of cyber threats and vulnerabilities for a data breach (Cheng, Liu, and Yao, 2017). Today, data breaches have affected millions of people and companies across the world. Data breaches target organizations such as government agencies, military agencies, financial institutions, businesses, and educational institutions.
Timehop, Reddit, Equifax, Ashley Madison, and Dixons Carphone are famous data breach cases in the twentieth century. Timehop, a mobile vendor business, went through a data breach that affected twenty-one million users in 2018. In the same year, the Reddit data breach took place, and the Dixons breach affected ten million customers (Liu, Han, Wang, and Zhou, 2018). Over the years, health care and financial institutions have been the organizations most affected by data breaches. In 2018, SingHealth, a healthcare provider, experienced an attack that resulted in a massive loss of data belonging to 160,000 patients. In the same year, the famous Hong Kong Department of Health, a government medical agency, went through a data breach caused by a ransomware attack.
Regardless of the type of security imposed in most government and private agencies, cybercriminals find ways of intruding and compromising data (Talesh, 2018). The United States OPM attack compromised the sensitive information of eighteen million employees, including the agency’s top secrets, such as training details. In 2017, a United Kingdom military contractor went through a data breach carried out by a military attack group using a backdoor technique. JP Morgan and Chase Bank’s data breach affected seventy-six million people and seven million businesses (Liu, Han, Wang, and Zhou, 2018). The data breach compromised clients’ personal identification information, such as phone numbers, email, names, and addresses. The University of Maryland is among the well-known educational institutions that have suffered a data breach. In 2014, three hundred thousand of the university’s records were stolen, including student information, financial and medical information, and staff records (Talesh, 2018).
Cybercriminals target information, and companies that hold valuable information, that could help them attain their goal. For instance, cybercriminals steal personal information for fraud, identity theft, and blackmail, especially when military agencies or government administrations are involved. Some of the information stolen by cybercriminals includes members’ names, credit card numbers, members’ identification numbers, bank account numbers, clinical information, and birth dates. The cybercriminals may acquire data to reach a significant target, such as an influential individual in the company or a group of political leaders. However, stealing the overall data also affects other members financially. Data breaches at business organizations target the company’s customer information, internal business data, transactional history, and inventory. Businesses have lost millions in data and finances through data breaches (Liu, Han, Wang, and Zhou, 2018). Identifying the causes of data breaches is the best way to find a solution to the global issue.
According to researchers, seventy to ninety percent of data breaches are caused by social engineering attacks. In 2018, thirty-three percent of data breaches happened due to social engineering hacking. Social engineering is considered one of the most malicious and dangerous threats to business organizations. The cybercriminal or hacker uses social approaches to extract valuable information from another person, for instance, getting passwords (Talesh, 2018). The attacker uses enticing and pleasing terms and deals to build a relationship and create trust with the user. According to one of the popular cybersecurity organizations, social engineering consists of various activities that use psychology to manipulate users into providing sensitive information (Coulibaly, 2020). Some of the common social engineering attacks include email phishing, message phishing, phone vishing, face-to-face interaction, and the use of multiple approaches. The attackers require knowledge about hacking and a few technical skills.
Cybercriminals take time to research the target, for example by connecting and building relationships with a person or an organization. Tracking an individual’s page on the internet, such as on Facebook or Instagram, is a research method. Hackers also acquire information from Google as an essential search tool. The more a hacker tracks an individual, the more easily the attacker gets closer and solicits valuable information (Liu, Han, Wang, and Zhou, 2018). For instance, an attacker can learn which pages a person likes on Instagram and what the individual watches on movie sites and YouTube. Cybercriminals conduct impersonations in organizations, thus causing people to pay a considerable amount of money. Through tracking, hackers become aware of close connections, such as job, medical, or school information.
A hacker’s social engineering attack life cycle consists of various phases. The attacker’s life cycle includes the investigation phase, the relationship-building phase, the play phase, and the exit phase. The investigation phase includes conducting research and collecting information that would help in the hacking process. The relationship-building phase involves building trust and creating diverse connections to acquire data (Liu, Han, Wang, and Zhou, 2018). After carrying out an investigation and building a closer relationship, the attacker uses the interactions and the information to reach that data. The hacker exploits valuable data through baiting and other methods used to entice users. The exit phase is the last; here, attackers remove all evidence that may get them into trouble, for instance, wiping fingerprints (Cheng, Liu, and Yao, 2017). Some of the most common hackers’ techniques include baiting, pretexting, phishing, spear phishing, and scareware.
Lack of access controls, such as authorization and authentication, can be a significant cause of data breaches. Access controls help avoid data security and privacy incidents (Liu, Han, Wang, and Zhou, 2018). These security controls allow only a specified group of people to access information in an organization. On the other hand, too many permissions may be dangerous to an organization’s data. Some organizations put too many permission controls in place, leading to confusion. Too many permissions may confuse the administrator about who is supposed to be permitted or provided with the authentication number.
Employees, close friends, and colleagues at work may be the cause of a data breach. Employees may conduct an insider attack aimed at the organization’s financial data. Most of the time, employees hold the organization’s confidential information, such as passwords, and hence can easily intrude and acquire information. Insider attacks are a significant cause of data breaches today because most organizations’ security teams tend to believe attacks come from outside the company (Cheng, Liu, and Yao, 2017). Running improper configurations may also cause a data breach. Improper configurations give rise to errors that need to be corrected to avoid an intrusion. For a data breach to occur, the organization must be careless or negligent about correcting security errors. Insider error may include losing a computer system or valuable documents.
Data breaches happen due to an organization’s use of invalid security codes and credentials, and due to stolen credentials. Sharing of passwords and stealing of passwords are the most common causes of a cyber breach. Cybercriminals do not require too much knowledge to acquire a password. Mostly, hackers are good at guessing and trying the most common concepts applied in password creation; for instance, people like using their date of birth, numbers, and name initials, which are easy to guess. Most secure passwords can easily be hacked unless the password is highly complicated (Coulibaly, 2020). Opportunistic hackers tend to use lost or old passwords to access an account. The solution to weak and stolen credentials is simple. Using complex passwords and avoiding sharing passwords is the leading solution to the problem. Users should use passwords that consist of numbers, punctuation marks, and uppercase and lowercase letters. A complex password is hard for a hacker to predict, hence safe from a data breach.
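The password guidance above can be enforced at account creation or password change. The following Python sketch is an added example, not part of the original essay; the function names, the 12-character minimum, and the sample user are assumptions made for illustration.

```python
import re
from datetime import date

MIN_LENGTH = 12  # assumed threshold; the essay gives no number

CLASSES = {
    "lowercase letter": r"[a-z]",
    "uppercase letter": r"[A-Z]",
    "number": r"[0-9]",
    "punctuation mark": r"[^A-Za-z0-9\s]",
}
DATE_LAYOUTS = ("%d%m%Y", "%m%d%Y", "%Y%m%d", "%d%m%y", "%m%d%y", "%y%m%d", "%Y")


def _base(pw):
    """Lower-case a password and drop trailing digits and punctuation."""
    return re.sub(r"[\d\W_]+$", "", pw.lower())


def password_problems(password, full_name, birth_date, previous_passwords=()):
    """Return the policy violations found; an empty list means acceptable."""
    problems = [f"missing {label}" for label, pat in CLASSES.items()
                if not re.search(pat, password)]
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")

    # Date of birth in common layouts, even when typed with separators.
    digits = re.sub(r"\D", "", password)
    if any(birth_date.strftime(fmt) in digits for fmt in DATE_LAYOUTS):
        problems.append("contains date of birth")

    # Name parts, or a password whose only letters are the initials.
    lowered = password.lower()
    parts = full_name.lower().split()
    if any(len(p) >= 3 and p in lowered for p in parts):
        problems.append("contains part of the name")
    if parts and re.sub(r"[^a-z]", "", lowered) == "".join(p[0] for p in parts):
        problems.append("letters are only the name initials")

    # An old password, or one changed only in its trailing digits/symbols.
    base = _base(password)
    if any(password == old or (base and base == _base(old))
           for old in previous_passwords):
        problems.append("reuses an old password")
    return problems


# Constructed sample user and passwords, not data from the essay.
if __name__ == "__main__":
    born = date(1990, 3, 12)
    for candidate in ("Jd12031990!", "Winter2024!!", "t7#Quarry-Velvet-Moth"):
        print(candidate, password_problems(candidate, "Jane Doe", born, ["Winter2023!"]))
```

The first two sample passwords contain every required character class and are still rejected, which shows why composition rules alone do not stop the guessing described above.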
Additionally, malware is a significant cause of data breaches in the twenty-first century. Today, most data breach cases are caused by malware attacks from cybercriminals. According to research, malware attacks occur every second across the world. On the other hand, malware attacks are designed according to the organization and are hence unique. Attackers use direct and indirect malware, which involves a malicious tool or software introduced into the system without bad intention (Coulibaly, 2020). However, the software becomes a suitable platform for a hacker to intrude and steal information, including on all dynamic systems, for instance, through access to unfamiliar websites and emails.
A data breach can be detected by information security experts and cybersecurity experts, for instance, a cybersecurity director or a chief information technology expert. Employing experts in an organization or learning about cybersecurity is an effective method of detecting and identifying a data breach (Liu, Han, Wang, and Zhou, 2018). Staying up to date is also essential, for instance, by training employees on the current techniques and skills applied in data security and privacy. Upgrading and updating information technology systems, such as scanners and computer systems, may make it challenging for the attacker to access the systems. In addition, data breach detection tools are essential in detecting and identifying data breach incidents.
Data breach detection tools play a vital role in keeping companies and users safe from data breaches. The detection tools include Snort, Suricata, OSSEC, Security Onion, Vistumbler, Bro Network Security Monitor, and Smoothwall Express, open source tools that protect organizations from security intrusions (Cheng, Liu, and Yao, 2017). The tools are categorized into firewalls, network monitoring systems, anti-virus, remote monitoring applications, and Intrusion Prevention Systems (IPDS). Snort is one of the open source intrusion prevention tools used on Unix and Windows devices. Snort is available online, where rules and services can be acquired through subscriptions.
Having a data breach response plan is the best way to handle data breaches. The plan is used to mitigate the damage caused and enable the organization to continue operating, and it is implemented when a data breach occurs. Additionally, a plan to contain the breach is necessary for the organization, where the containment plan notifies the security team of the physical or logical threat (Cheng, Liu, and Yao, 2017). The team of experts may preserve the evidence collected while cleaning up the damage. Risk assessment is also necessary for developing policy strategies for preventing a data breach. During the assessment process, the security experts record the time the data breach took place, the location, the intensity of the damage caused, and the type of data leaked.
Data compliance laws and regulations are endless, for instance, the General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA), and the Payment Card Industry Data Security Standard (PCI-DSS). Various companies adopt compliance regulations to prevent and reduce data breach cases. The compliance regulations are selected depending on the company’s type, for instance, public or private companies. Compliance agencies set data security policies and standards as compulsory legal requirements.
Developing a data security policy is the best way of dealing with data breaches. Most organizations develop security policy templates, which employees and other staff are expected to follow. For instance: change passwords frequently, use cloud encryption and services when necessary, discard dormant information technology systems, update computer systems, and repair worn-out systems. Also, automate the organization’s services, for example authentication methods such as biometrics, fingerprints, and face recognition. Training and creating awareness are another vital policy that would help employees and staff protect data and avoid sharing passwords. Other data protection measures include patch management, audit assessment, and data tracking systems.
Data breaches can be traced back to the pre-technical era, where people could peep at documents. Today, data breaches have increased due to technological advancement and a high crime rate, which has become a significant concern globally. Researchers are still developing methods of dealing with data breaches as more hacking skills and techniques are innovated (Cheng, Liu, and Yao, 2017). Data breaches affect individual users and companies, for instance, government entities, military agencies, and education institutions. Data breaches result from social engineering practices conducted by hackers, or from human error, such as misconfigurations and misplacement of information technology systems. Data breaches happen due to a wide range of causes, including physical intrusions. Developing policies and response plan strategies is the best way to handle data breaches in the current century.
References
Cheng, L., Liu, F., & Yao, D. (2017). Enterprise data breach: causes, challenges, prevention, and future directions. Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery, 7(5), e1211.
Coulibaly, K. (2020). An overview of Intrusion Detection and Prevention Systems. arXiv preprint arXiv:2004.08967.
Liu, L., Han, M., Wang, Y., & Zhou, Y. (2018, June). Understanding data breach: A visualization aspect. In International Conference on Wireless Algorithms, Systems, and Applications (pp. 883-892). Springer, Cham.
Talesh, S. A. (2018). Data breach, privacy, and cyber insurance: How insurance companies act as “compliance managers” for businesses. Law & Social Inquiry, 43(2), 417-440.