Verizon's annual Data Breach Investigations Report describes the state of cybercrime from actual data breaches rather than unreliable surveys, which makes it a realistic picture of how systems are being compromised across the world. Based on over 2,000 breaches and more than 65,000 data security attack incidents in over 100 countries, the report published in 2014 introduced some very important lessons that every CIO and CTO needs to take seriously.
Rise of corporate espionage
Although the vast majority of cybercrime, 60%, is carried out by cyber terrorists in search of financial gain, intellectual property violations are increasing in leaps and bounds and are approximated to account for around 30% of data thefts.
Reports of hackers who wreak havoc simply for fun without being seriously involved in any crime, or who are driven by a specific ideology, were nearly zero. The large group of hackers known as Anonymous and its connected associations are still high on the list of threat agents, but of late there has not been much participation from this group, ever since a number of countries enforced stringent laws and made an example of such incidents.
Moreover, with the rise of such examples, most people are not willing to risk their day jobs and real lives by believing that they will not be caught. Hence, the only cybercrime that posted a gradual uptick in 2013 was internal employee threats; even partner or collaboration-crime was nearly zero. The report published statistics on insider crime, specifically perpetrated by end-users and cashiers.
Stolen credentials leading the way in hacking incidents
No network administration department is unfamiliar with stolen credentials. Hackers enter an individual's account through stolen logon credentials and hold the entire environment to ransom. Some of the top threats in this area include backdoor viruses, phishing, data-exporting malware and RAM scrapers. Attacks concentrated on commercial retailers, such as the recent breach at Target, are referred to as RAM scraper attacks.
Hacking incidents are discovered internally rather than by outsiders
Considered a major development in the field of data breach and theft, discovering breaches internally helps an organisation fix the situation faster than learning of them from an outside source. One of the few positive points in the Verizon report is the increasing chance of noticing data thefts within event backlogs and through internal introspection, and of acting on the resulting alerts to remedy the disaster. The flip side, however, is that it takes a long time to detect who is behind the attack in such a scenario. Simply put, a malicious insider would have done the dirty job in a matter of minutes or days, but it would have taken months for the hacking to be detected. Although this is a terrible factor to consider, it is a small step towards understanding how the hacks take place, and it keeps the matter contained within the unit itself. Doing so helps prevent all kinds of unpleasant external communication and uncomfortable discourse with individuals outside the organisation.
Understanding the fundamentals of file transfer encryption is unquestionably essential for securing the file transfer data of any organisation. Nevertheless, understanding only the fundamentals will not do a company any good. Companies also need to understand precisely how they can employ file transfer encryption to safeguard their most confidential data, information and folders, as well as build a record with an unbroken chain of custody.
It is crucial to note that the type of encryption the company uses is not as significant as how the encryption is carried out. What is most vital is how the keys are handled, and the propensity for encrypted copies of the files to be mislaid and fall into unscrupulous hands.
Making use of a reasonably recent encryption algorithm or solution (such as PGP) is a winning start, but at the end of the day, what really matters is the fundamental management and implementation. If the PGP procedure becomes too complex, it is possible that someone within the organisation will wind up avoiding it and, in all probability, make use of another application such as a file hosting service. This could mean that every precise move the company has taken to protect and shield its data has been entirely in vain; the whole purpose of implementing PGP is completely circumvented.
Maintaining data integrity
A number of transaction files in an organisation have direct financial consequences. As alarming as this might sound, the unauthorised alteration of a transaction is one of the most effortless ways of committing fraud. Since there is no solution that can be used in all data integrity and file transfer circumstances, an organisation has to support the various protocols and kinds of encryption depending on what exactly is relevant to the company. Even though PGP provides data integrity (it allows the creator to digitally sign the contents and the file to ascertain that it is not altered while in transmission), it still remains only a part of the solution.
Some companies opt to employ manual detection systems to ensure that their check aggregates have not been tampered with at the close of a transaction. Doing so can completely nullify the point of using PGP while at the same time slowing down the entire procedure.
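An added example (not from the original article or from Verizon's report) of automating the integrity check described above: the receiver verifies a keyed tag over the transaction file before trusting its control totals. HMAC-SHA256 with a shared key stands in for a PGP signature so that the block runs with the standard library alone; the file layout, the key and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
from decimal import Decimal

# Constructed sample batch: three payment records and a trailer line
# holding the record count and amount total (the "check aggregates").
BATCH = (
    b"PAY,1001,ACME Ltd,1500.00\n"
    b"PAY,1002,Globex,250.50\n"
    b"PAY,1003,Initech,99.99\n"
    b"TRL,3,1850.49\n"
)
KEY = b"constructed-demo-key-not-for-production"  # assumption: shared secret


def sign(data: bytes, key: bytes) -> str:
    """Sender side: keyed tag over the exact bytes that will be sent."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def totals_ok(data: bytes) -> bool:
    """Recompute count and sum from the records and compare to the trailer."""
    lines = data.decode("ascii").splitlines()
    if not lines or not lines[-1].startswith("TRL,"):
        return False
    try:
        _, count, total = lines[-1].split(",")
        amounts = [Decimal(row.split(",")[3]) for row in lines[:-1]]
        return int(count) == len(amounts) and Decimal(total) == sum(amounts)
    except (ValueError, IndexError, ArithmeticError):
        return False


def verify_batch(data: bytes, tag: str, key: bytes) -> str:
    """Receiver side: check the tag first, then the control totals."""
    if not hmac.compare_digest(sign(data, key), tag):
        return "rejected: tag mismatch"
    if not totals_ok(data):
        return "rejected: control totals mismatch"
    return "accepted"


# An altered copy whose trailer was recomputed to match: totals alone pass.
TAMPERED = BATCH.replace(b"250.50", b"950.50").replace(b"1850.49", b"2550.49")

if __name__ == "__main__":
    tag = sign(BATCH, KEY)
    print(verify_batch(BATCH, tag, KEY), verify_batch(TAMPERED, tag, KEY))
```

The altered copy passes the control-total check because its trailer was recomputed along with the amount, which is why the keyed tag is verified first and the totals are only a secondary consistency check.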
Making use of access control
The manner in which various parties access and transfer their private data and documents, without being given access to other parties' data files, can become extremely complex. A number of organisations discover that it gets even less manageable when FTP or custom web applications are being used. In this case, if someone gets past the initial phases of protection, then by and large almost anyone can get access to everybody else's data and documents.
It is important to make use of both passwords and accounts in order to control access. If there is no specific policy built in, the company becomes highly susceptible to attack. However, if there is a policy in place, it is important to understand how the company will use the policy to unlock accounts when they get erroneously locked. Furthermore, companies must also note that FTP and custom applications have now been found to be unsafe. Both have rudimentary authentication issues and a number of other snags.