Information security challenge

Cyber security threats occurring globally are leaving no country protected fully from security breaches


Imran Batada March 07, 2019
The writer is Director ICT & Founding Director of Center for Information and Communication at IBA. He tweets @imranbatada

Information security challenge, although extremely relevant, is one of the most neglected aspects across the corporate world. In this age of digital technology, it has become inevitable that digital platforms must be secured and adoption of effective security and fraud prevention strategies have become need of the hour.

The same interconnectivity that is the gift of modern information technology has become a critical aspect for culprits to carry out criminal activities. Almost every field has experienced a revolution due to the tremendous growth of IT, therefore, solutions that address cyber threats are required more than ever.

Cyber security threats occurring globally are leaving no country protected fully from security breaches. A global management consulting and professional services firm, Accenture, provides consulting, strategy, technology and operations services.

Established in Dublin, Ireland, the revenue of the company is reported to be $39.6 billion. In 2018, the company reportedly generated net revenues of $39.6 billion.

More than 459,000 employees work at this organisation who serves clients in 120 different countries. In 2018, 137GB of data and 40,000 passwords have been breached at Accenture. The data stolen included secret API data, authentication credentials, certificates, decryption keys, and customer information.

Courier delivery services giant FedEx also faced data cloud breach in 2018 affecting 119,000 scanned documents. These included Photo ID from Mexico, Canada, the EU, Saudi Arabia, Kuwait, Japan, Malaysia, China and Australia.

Cyber-attack at the Australia Broadcasting Corporation (ABC) got 1,800 daily MySQL database backups being stolen. The stolen data included emails, logins, hashed passwords, broadcasting licence requests, secret access keys, and login details.

Who doesn’t know Adidas? The second-largest sportswear manufacturer in the world. The giant multinational also could not secure its data from being stolen. Contact details, usernames, and encrypted passwords of “few million customers” of the company got affected.

Internet domain registrar and web hosting company Go Daddy’s 31,000 system details got exposed. The detail included server configuration information, CSP billing information, and server workload information.

Last but not the least 1.6 million entries at Dow Jones also got breached. These included names, addresses, account information, email addresses, and last four digits of credit cards of millions of subscribers. All these incidents happened during last year.

It has not been much long ago that Pakistan has gone through a digital revolution. Digital infrastructure, big data analytics, the internet of things, artificial intelligence, and block chain has disrupted the traditional ways of data handling and analysis.

Chief Executive of Ebay, Mr Devin Wenig, declared Pakistan one of the fastest growing e-commerce markets across the globe at the World Economic Forum 2017. Daraz.pk is Pakistan’s largest e-commerce platform which was bought by Alibaba in 2018.

However, with growing utilisation of digital technologies, grows the threat posed by cyber attackers. Cyber criminals have developed newer and more sophisticated techniques to get unauthorised access to people’s private and personal data. Financial institutes of Pakistan recently got vulnerable to these threats.

Last year, in a breach of internet security, millions of rupees got stolen from a local bank from international payment card in the month of October. According to the cybercrime wing of Federal Investigation Agency (FIA), all banks of Pakistan got targeted in this recent cyberattack.

Highlighting the impact of bank account hackers, Krebsonsecurity.com which is a renowned digital security website states that, data of more than 8,000 account holders of 10 Pakistani banks got sold in the market.

According to a news story, Chief Executive of PakCERT reports that a total of almost 20,000 cards of 22 Pakistani banks got affected by the recent security breach.

Considering the criticality of threat and its implications, the State Bank of Pakistan (SBP) has issued Enterprise Technology Governance and Risk Management Framework for Financial Institutions.

The primary aim of the framework is to compel the financial institutions to minimise the risk factor through attaining maximum level of cyber security and creation of safe and secure technology operations.

However, it is not necessary that it is the bank which is always on the wrong side. Slackness of the end user/client also results in money-stealing incidents as hacking attempts and fraudulent transactions are two different things. Stressing this point,

The Pakistan Banks Association states that lost cheque book can be used to steal money. Similarly, data of the lost credit/debit card can be copied through certain expertise and can be used for money transactions. All such kind of fraudulent attempts do not need cyber security breach of bank.

Leading threat patterns: The leading threat tools are reported to be misconfiguration error, shadow IT, insider privilege misuse, backdoor hacking, use of stolen credentials, phishing.

Misconfiguration error: The term refers to an attack in which pages not in use, unpatched flaws or access default accounts, unprotected files and directories were utilised by the cyber attackers to gain unauthorised access.

Shadow IT: It is the mechanism of system that is unrecognised by the IT department of an organisation. Although it is considered as important source of innovation, Shadow IT is often used for cybercrimes as the identity of the user is completely hidden.

The software and hardware used without the knowledge and recognition of the IT mechanism of an organisation can have unauthorised access to and steal data easily.

Insider privilege misuse and backdoor hacking: Insider privilege misuse refers to employee’s attempt to have excessive amount of rights to the data of an organisation or its customers. In this connection, organisations are at risks of facing cyber-attacks by its own IT professionals.

Backdoor Hacking: A quite famous tactic, it is an attempt to gain access to the data through bypassing normal authentication. Hacking is one of the most dangerous tools used to commit cyber-crime as they cannot only be used for stealing data but also allow the attacker to use your identity.

Phishing: it is an extremely dangerous tool of threat activity that works on exploiting the human nature of curiosity. You receive an email from an unidentified source. The Fear of Missing Out compels us to click the mouse button.

The moment this email link is opened; your data get accessed by the attacker for explicit means. Internet giants such as Google and Facebook are vulnerable to phishing threat and have lost hundreds of millions dollars.

What to be done? Gartner Inc. states that 99 per cent of the cloud security failures through 2023 will occur due the fault of customer’s side. This is quite an alarming and eye-opening finding for not only those who want to secure their data but also for those who rarely pay attention towards preventive measures.

A security awareness campaign should be run to educate the users using different platforms such as mainstream media, social media, print media, seminars, etc. Multiple-level authentication system should be imposed for carrying out not only online transactions but also all the other kinds of transactions.

Last but not the least, several techniques related to Big Data Analytic/intelligence, incident response, fraud management should be applied in order to come up with fool-proof security intelligence.

Published in The Express Tribune, March 7th, 2019.

Like Opinion & Editorial on Facebook, follow @ETOpEd on Twitter to receive all updates on all our daily pieces.

COMMENTS

Replying to X

Comments are moderated and generally will be posted if they are on-topic and not abusive.

For more information, please see our Comments FAQ