This was one e-mail that Air India prospects actually didn’t anticipate or ever need. On 22 May, the airways revealed that 10 years’ value of its buyer information together with bank cards, passports and telephone numbers have been leaked in an enormous cyber-attack on its information processor in February. The incident has affected round 45 lakh prospects registered between 26 August 2011, and three February 2021, in accordance to Air India.
The (*6*)’extremely refined’ assault was focused at Geneva-based passenger system operator SITA that serves the Star Alliance of airways together with Singapore Airlines, Lufthansa, and United apart from Air India. The leaked information, in accordance to Air India, included names, date of delivery, contact info and ticket info, frequent flyer numbers and bank card information however not passwords. This hardly would offer any consolation to the airways’ prospects.
This wasn’t the primary information breach, and it actually will not be the final. For occasion, there was a way of deja vu this April when Alon Gal, a safety researcher at cybersecurity agency HudsonRock, tweeted that non-public information from 533 million Facebook accounts was leaked on-line at no cost. A Business Insider report later mentioned it verified a number of of the information, which have been from 106 international locations, together with 6 million in India. The information included consumer “…phone numbers, Facebook IDs, full names, locations, birthdates, bios, and — in some cases — email addresses.”
According to 2019 Q3 Data Breach QuickView Report, there were 5,183 breaches reported in the first nine months of 2019 exposing 7.9 billion records. The numbers have only increased exponentially since then.
For instance, data from over 500 million LinkedIn customers—together with consumer IDs, full names, e-mail addresses, telephone numbers, skilled titles, and different work-related information—has been hacked, in accordance to safety information and analysis group CyberInformation.
While LinkedIn clarified that the data set does not include sensitive information like credit card information or social security numbers, the fact remains that the leaked data could help hackers use the email addresses and phone numbers to spam or even loot people online. Users can see if their data has been compromised by the incident by accessing sites like Have I Been Pwned, which list major data breaches.
Our own research reveals that data breaches take place almost daily but remain undetected for almost 270 days on an average.
Data breaches can prove expensive to users since hackers are bound to use the information for social engineering (advanced phishing), scamming, ransomware, spamming and marketing, causing users immense amount of distress and financial losses too in many cases. Companies, too, must bear the brunt in terms of brand reputation and penalties. The UK’s data privacy watchdog, the Information Commissioner’s Office (ICO), for instance, fined the Marriott Hotels chain GBP 18.4 million (roughly Rs. 190.30 crores) last year for a major data breach that may have affected up to 339 million guests in 2018.
The pandemic, which has accelerated the process of digitalisation in enterprises, has ironically accentuated these cyber maladies too. Moreover, as workers increasingly work from home, they begin accessing more data in the cloud, calling for increasing security measures in companies and on user devices that access this data.
In this context, it’s first important to define the cloud. Companies may be using public cloud services that could include software-as-a-service (SaaS), infrastructure-as-a-service (IaaS), and platform-as-a-service (PaaS). They could also host their data on their premises – a trend known as private cloud. Or they could be using a combination of both the private and public cloud services–a trend known as Hybrid cloud.
Each of these situations demand a nuanced cloud strategy since the cloud provider and cloud customer will share different levels of responsibility for security of the data. Further, the solution that a security vendor will provide needs to detect and respond to security risks in real-time, regardless of where the user is operating from – home, office or travelling.
While no vendor can claim to possess any silver bullet that can provide blanket cloud security, it’s important that companies know the location of their data; what data they have stored in the cloud; who has access to it and whom are they sharing it with, and on which device.
Here’s what works for most clients.
First, the solution should provide an intuitive user-interface that enables visual analytics, a multi-dimensional view of the data, and tools to slice and dice information in ways that will enable companies take speedier action when an anomaly is detected.
Second, cloud-native applications rely on the environment for telemetry – the automatic collection and transmission of data to centralised locations for subsequent analysis. Hence, the solution should allow not only for cloud telemetry but also for telemetry for the data that resides on end-point devices like smartphones, tablets and laptops that are being used by workers who are travelling or at home. Third, these endpoint devices can be powered by Linux, Windows, or Mac, which implies that solution should be operating system agnostic.
Fourth, companies should include Cyber Situational Awareness (CSA) capabilities in their arsenal. CSA is critical when talking about cybersecurity, simply because like in traditional warfare, cybersecurity teams need to understand where the threats reside, where they are coming from, and how they mutate over time, among other things.
Fifth, it’s important to note that artificial intelligence (AI) systems can be used to identify and predict attack patterns, thus dramatically decreasing the response time. The problem, though, is that if a company is using a basic machine learning (ML) system, which has been trained on historic data, this system will be unable to spot new threats since hackers too are using AI systems.
Sixth, retraining your workforce, as consultancy firm McKinsey notes, is another critical aspect of cybersecurity. This is important since the typical technology workforce of an enterprise is trained in developing business applications in the traditional IT framework but most of them need to be reskilled or upskilled for the cloud environment, McKinsey insists.
All these issues become critical since with the fifth generation, or 5G networks soon to replace 4G networks, cloud security will become more vital especially when it comes to protecting end-user devices. The reason is that 5G connects more devices than earlier technologies, expanding the surface for cyber-attacks and making it riskier for companies.
Naveen Jaiswal is the Co-Founder and Head of Research & Development at Vehere.
Disclaimer: The opinions expressed within this article are the personal opinions of the author. NDTV is not responsible for the accuracy, completeness, suitability, or validity of any information on this article. All information is provided on an as-is basis. The information, facts or opinions appearing in the article do not reflect the views of NDTV and NDTV does not assume any responsibility or liability for the same.
