The introduction of Big Data in conjunction with the increase of cloud-assisted technologies has been improving the way we do business, but the benefits of analysing the increased amount of data available are not without certain risks. The challenge for companies leveraging cloud computing is to strike a balance between brand protection and data fidelity. Being aware of these security challenges and how to protect against them will ensure your company can move safely into the Big Data future.
1. The resurgence of Ransomware
Gaining prominence in the early 90s, ransomware is seeing a big resurgence online, targeting companies rather than individuals.
Ransomware is essentially a malicious attack that steals data from computers and servers and then attempts to extort money from the owners of the data.
Spam is the most common delivery tactic for ransomware, which spreads using “social engineering”. Recipients of the spam email or message are tricked into clicking on a malicious link or opening a malicious program or document, for example in the WannaCry ransomware attack. The WannaCry attack was a worldwide cyberattack in May 2017 by the WannaCry ransomware cryptoworm that targeted computers running Microsoft Windows and encrypted their data. The only way for users to receive the encryption key was to pay a ransom in Bitcoin.
These messages and emails sometimes appear to come from a friend, colleague or manager. Other times, they appear to come from legitimate institutions and ask you to perform routine tasks like “update your details” and “choose a new password”.
Once the link is clicked, the victim is then blackmailed through a false claim such as:
- This computer has been used for malicious activity
- Your computer now has a virus
- Data will be deleted from the computer at intervals until the ransom is paid.
In some cases, actual malicious software is installed on the machine, giving the attacker even greater access to proprietary data.
Ransomware can come in a number of variants. Some of the most common include:
- Cerber – Targets cloud-based Office 365 users using elaborate phishing campaigns
- Crysis – Encrypts files on network drives with strong encryption methods that are hard to crack
- CryptoLocker – Synonymous with ransomware, 2013’s CryptoLocker was shut down in May 2014, but not before extorting around $3 million USD from victims. The CryptoLocker approach continues to develop and be mimicked by others
- Jigsaw – Jigsaw deletes files every hour until a ransom is paid. Worse still, after 72 hours it deletes all remaining files.
Protecting against ransomware
The best form of protection against ransomware is continual education of staff in the recognition of social engineering attacks. Teaching team members to recognise a malicious email or message and to deal properly with potential threats, combined with compliant firewall spam filters, is your best defense against the threat of online phishing.
2. Bitcoin and other anonymous currencies
The convergence of currencies like Bitcoin and the rise of cloud computing combine to create a more lucrative environment for ransomware bullies.
Blockchain currencies aren’t as easy to track as other currencies at this point in time, and the move to SaaS computing for most services means the everyday worker is using online resources more and more, exposing them to attack.
Once major financial institutions implement new protocols, blockchain could represent a significant leap forward in financial cybersecurity. Until such time, companies should be wary of engagement with virtual currencies and only do so after consultation with cybersecurity professionals.
3. DDoS Attacks
In the early days of the Internet, Distributed Denial of Service (DDoS) attacks were often performed en masse to temporarily shut down a website by flooding its servers with requests.
The brute force nature of the attack means there are ways to protect against DDoS. Yet the popularity of the cloud exposed more resources to the web, heightening the risk of DDoS.
In modern times, DDoS attacks leverage sophisticated botnets built by installing malicious software on thousands of computers without their owners’ knowledge. This allows a small team or even a single operator to leverage a geographically diverse set of computers for the attack.
4. Application centric security
Prior to the cloud, computer security focused on the health of the device. Antivirus software installed on every machine is the most common example of device-level security. Other measures, like password policy and domain management, also help secure individual devices from attack.
With cloud-based applications, however, the device itself might not be able to offer much protection. In some cases, the device isn’t even touched by the security breach. A social engineering ransomware attack that uses spam email to distribute the phish is device agnostic. A user could become a victim on their phone, work PC, laptop or tablet.
5. Regulating the Internet of Things
Creating antivirus programs for small devices that rely on firmware rather than common operating systems isn’t practical in most cases.
Similarly, with many Internet of Things (IoT) devices being small and relatively cheap to produce, a lack of quality control or universal standards currently makes the security considerations of many IoT devices opaque.
While someone hacking a fridge or microwave might be more inconvenient than dangerous, there are IoT uses that do pose serious threats to our safety.
Threats to IoT
Antivirus software company McAfee estimates that drone control toolkits are already propagating online and actual use of these exploit toolkits will become more prevalent in 2017. Remote access and unauthorised control of these drones remains a serious threat to business and personal safety. Another vulnerability is posed by malicious attacks on IoT sensors that control temperature in server rooms, the food industry, manufacturing, and primary production.
The Big Data solution
As we increasingly rely on cloud technologies and Big Data to monitor important decisions in our business process, the need to protect IoT sensors is paramount.
Big Data might be under threat from malicious IoT attacks, but it will also help provide the solutions. Managed trust certifications via cloud-assisted authentication will provide IoT device manufacturers and firmware builders with universal protocols to define the trustworthiness of network access.
Control of these devices might come from authentication servers that verify via the device’s MAC address or other unique ID that can’t be altered.
Correctly validating these certifications will require new skillsets. Forward thinking companies are already in consultation with network security experts on how best to protect their IoT devices.
6. Skills shortage in Big Data
Like any new industry sector, Big Data and adjacent skillsets like cloud security and infrastructure DevOps are suffering from a skills shortage. Solving issues and challenges with limited resources can impact the efficiency of your Big Data applications. For many companies, a professional consultation service can fill the skills shortage that might not be reconciled until the next generation of IT professionals enters the workforce.
7. Retaining anonymity under Big Data
Since the early days of the internet, questions of identity and anonymity have continually defined how and why we interact with networks. The tension between the personalisation benefits of data collection and a person’s right to anonymously access information remains a complex problem for brands, businesses, and the Internet as a whole.
While many companies have already learnt that data analysis is possible without compromising an individual’s personal identity, even the best policy is open to abuse when malicious attacks threaten security.
For example, a company that collects names and addresses might store that information in an encrypted segment of their cloud architecture, separate from purchasing habits or other data.
But because the personal information is still linked by unique identifiers, the potential for savvy computer hackers to piece together the data set from partial records remains a concern.
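The linkage risk described above, and one way to reduce it, as an added example that is not part of the original article. The records, field names and keys are constructed, and the per-store HMAC-SHA256 pseudonym scheme is an assumption chosen for illustration (in practice each key would be held in a separate key management service).

```python
import hashlib
import hmac

# Constructed sample data: two segregated stores that share one customer ID.
IDENTITY = [
    {"cust_id": "C1001", "name": "A. Example", "address": "1 Sample St"},
    {"cust_id": "C1002", "name": "B. Example", "address": "2 Sample St"},
]
PURCHASES = [
    {"cust_id": "C1001", "item": "blood pressure monitor"},
    {"cust_id": "C1002", "item": "garden hose"},
    {"cust_id": "C1001", "item": "low-sodium cookbook"},
]

def link(left, right, field="cust_id"):
    """Join two datasets on a shared identifier, as someone holding both could."""
    index = {row[field]: row for row in left}
    return [{**index[r[field]], **r} for r in right if r[field] in index]

def pseudonym(value, key):
    """Keyed pseudonym: stable within one store, useless without that store's key."""
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()

def pseudonymise(rows, key, field="cust_id"):
    """Replace the raw identifier in every row with the store-specific pseudonym."""
    return [{**row, field: pseudonym(row[field], key)} for row in rows]

def authorised_lookup(cust_id, key, rows, field="cust_id"):
    """A service that holds the store's key can still find one customer's rows."""
    tag = pseudonym(cust_id, key)
    return [row for row in rows if row[field] == tag]

def demo():
    # Constructed keys, one per store; never reuse a key across stores.
    id_key, purchase_key = b"constructed-identity-key", b"constructed-purchase-key"
    linked_raw = link(IDENTITY, PURCHASES)            # shared ID: full re-identification
    safe_identity = pseudonymise(IDENTITY, id_key)
    safe_purchases = pseudonymise(PURCHASES, purchase_key)
    linked_safe = link(safe_identity, safe_purchases)  # no common value to join on
    still_usable = authorised_lookup("C1001", purchase_key, safe_purchases)
    return len(linked_raw), len(linked_safe), len(still_usable)

if __name__ == "__main__":
    print(demo())
```

Purchases by the same customer still share one pseudonym inside the purchase store, so per-customer analysis keeps working while a copy of both stores no longer joins on the identifier.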
A question of responsibility
Companies that can’t protect the privacy of their users can damage their reputation, lose sales and find it difficult to attract top tier talent.
Often, the solution to personal information protection comes down to an issue of risk management. You need to ask:
- Can you be certain your data is being stored in data centres that have stringent cybersecurity requirements?
- What about the location of these data centres?
Many data centres routinely back up their data by transferring it to different geographical locations. If some of these warehouses are located overseas, in regions where pipeline security cannot be guaranteed, it’s that much easier for cybersecurity threats to compromise data integrity.
It’s your business
Brands that outsource their data needs are still responsible for how that data is used. The best protection against compromises to customer data is a transparency between your company and any third party that touches your customer data. Understanding how data is stored, transferred, and secured will go a long way to securing the needs of your customers without sacrificing the benefits of Big Data.
8. Poor design
Though many platforms are marketed as Big Data-enabled, meaning that they will allow you to export the amounts of data required to classify the information as ‘Big Data’, very few are ready to address the security concerns of a completely networked, cloud-based environment. Lack of compliance, encryption and policy enablement presents significant challenges to risk management. Without a team of skilled cybersecurity professionals in your corner, your business could be exposed to malicious threats purely through badly designed software.
9. Budgeting for cybersecurity
With cybersecurity threats becoming more sophisticated and an ever increasing amount of work done in the cloud, companies must reassess their budgets for cybersecurity and protection against online theft and fraud. For example, in June 2017 several Australian businesses that have an international presence were targeted by the Petya cyber attack; these businesses include the iconic Cadbury chocolate factory in Hobart, and the global law firm DLA Piper. DLA Piper clearly had a plan in place in the event of such an attack, as a text message was released to all Australian staff prior to business hours commencing and within hours of the attack to notify them of what had happened, and to provide crucial instructions regarding the need to not log on or turn on their computers.
Cyber security is not exclusively required by big business – Australian Cyber Security Minister Dan Tehan has issued an urgent warning to small businesses urging them to update their cyber security.
Every Australian business should have an effective cyber security plan, and an ongoing budget built into its future projections, to ensure that the company’s information and clients are protected from unethical hackers, viruses, and ransomware attacks.
The right solution for your business
While most experts agree that around 10% of the ICT budget should be dedicated to cybersecurity, few businesses are meeting these goals. If you’re concerned about security, it’s time to talk to the experts at Kiandra about how your business can benefit from better data in action.