The amount of data is growing like an avalanche: only from 2010 to 2021, the volume of stored information increased 50 times. The number of Google and Amazon servers is estimated at millions. As Alibaba founder Jack MA put it, "data is the new oil." The value of information has become comparable to the value of raw materials. Information becomes particularly important in the context of its processing using machine learning and other modern technologies. The more valuable information is to a business, the greater the need to protect it.
Cybersecurity refers to one of the branches of information security and covers the protection of data in the networks of companies and organizations, as well as the protection of private information of individuals. Cybersecurity specialists are trained by both higher education institutions and specialized courses. At the end of the article, we will tell you how to choose such a course yourself.
The role of cybersecurity in the modern world
Data breaches in companies cause both direct financial losses and deferred reputational damage. Attacks on valuable information can be external or internal:
Here are the consequences of several recent data breaches:
In Russia, after the hacking of the Rosobrnazdor website, the data of more than 14 million former students "leaked". In may 2019, the personal data of 900 thousand OTP Bank, Alfa-Bank and home credit customers were publicly available.
The CIA, the FBI, the ministries of defense of the United States, great Britain, Japan, the European Parliament, the international Olympic Committee, the people's Bank of China, BitTorrent, GitHub, Skype, Tinder, WhatsApp and YouTube services faced data leaks.
Data flows not only through the network. Hackers and insiders often obtain valuable data using removable media, voice messages, SMS, audio and video communication channels, through paper documents, and even by studying the contents of trash cans. Theft or loss of laptops and other gadgets remains a common problem.
Information as a product
The Darknet sells and buys databases that store personal and confidential information. Among the products on this illegal market, there are logins and passwords of administrators of various resources, as well as data necessary for accessing financial and banking information. The most expensive accounts are those that are required to access websites, domains, and other network resources. Often, such data leaves auctions at a price from 125 thousand to 500 thousand dollars for one account.
Antivirus program user data, logins and passwords to file-sharing networks cost $ 1-2 for a valid pair – they are sold in tens of thousands. At a piecework price of several tens or hundreds of dollars, data is used to access social networks. Then such data is used for various scams related to obtaining loans, making installments, and registering dubious companies.
The value of information
It is important that the value of information changes rapidly. If the first buyer receives a database of Bank users at a price of several thousand rubles per record, then after several resales, the record price drops below one ruble. Often, users themselves help fraudsters by providing them with their confidential information when filling out the"raffle questionnaire". It also happens that information provided for obtaining a tourist visa or installment plan "leaks" from the company that is required to store such data.
Multiple use of credentials
A study conducted by the analytical company Digital Shadows showed that in 2020, compared to the previous year, the number of compromised credentials increased 4 times. The main reason is that users use the same or even identical passwords. Hacker software tools like Sentry MBA and OpenBullet can handle millions of valid pairs per day. The data from one successful hack is immediately used for attempts to access other user accounts.
Those who are going to commit a crime on behalf of another person can purchase a "digital identity" on the Darknet, which includes both social media records and data for accessing email, streaming and other services. There is also a service for renting someone else's account on illegal sites with payment based on the time of use.
Medical data and cyber security
According to Kaspersky Lab, in 2020 and 2021, medical information becomes more relevant for hackers than financial and banking information. Health data is used to blackmail and deceive not only the users themselves, but also their relatives. Cybercriminals can potentially change a patient's electronic medical records, making it difficult to make a diagnosis, forcing doctors to prescribe the wrong treatment.
It turned out that even medical research and MRI devices are vulnerable to remote hacking. Back in 2017, the medical equipment company Abbott had to update the software for 465 thousand pacemakers – the vulnerability allowed the hacker to change the patient's heart rate.
Methods of information attack
Hackers who break into banks over the Internet, which are celebrated in popular culture, are mostly a myth. Statistics show that 91% of information attacks on banks are carried out by corrupt employees of the banks themselves, 8% – by Bank intermediaries and only 1% are hackers. The password cracking procedure shown in movies does not take a few seconds, but at least several hours.
There are two main methods of password cracking:
This is not all the ways available to modern cybercriminals. They also have at their disposal::
What tasks do cybersecurity specialists solve?
Cybersecurity specialists protect the resources of companies and organizations from hacking. Some progress has been made in this direction: large-scale leaks from the Pension Fund, traffic police and other state organizations of Russia have stopped appearing on the web.
The DLP (data-loss prevention) strategy, which is implemented by information security specialists, allows you to control possible data leakage paths. Thanks to DLP, user actions are controlled via email, network protocols, Skype, instant messengers, and applications. DLP does not allow you to write data that is valuable to the enterprise to a disk, flash drive, mobile phone memory, or other external storage device. The strategy also prevents data theft by photographing the desktop screen.
Information security specialists have at their disposal authentication and identification systems based on biometric data, cryptographic protection systems for transmission channels and data carriers, and software solutions for managing encryption keys. Secure corporate VPN tunnels, professional firewalls, and closed cloud services are used.
Cybersecurity refers to one of the branches of information security and covers the protection of data in the networks of companies and organizations, as well as the protection of private information of individuals. Cybersecurity specialists are trained by both higher education institutions and specialized courses. At the end of the article, we will tell you how to choose such a course yourself.
The role of cybersecurity in the modern world
Data breaches in companies cause both direct financial losses and deferred reputational damage. Attacks on valuable information can be external or internal:
- in an external attack, the attacker invades the protected information perimeter;
- in an internal attack, data leaks occur due to employees of the company.
Here are the consequences of several recent data breaches:
- In 2014, Eileen Daly caused $ 250 million in damages to PNC Bank. Elin took a picture of her work computer screen on her mobile phone and passed the information to competitors from Morgan Stanley.
- Due to the leak of personal data of 57 million customers and drivers of Uber, the aggregator had to pay $ 148 million.
- The Texas court recovered $ 740 million. with the insurance company Amrock for stealing trade secrets in favor of a competitor HouseCanary.
- In the amount of $ 700 million. the loss of valuable data cost the American credit report aggregator Equifax.
In Russia, after the hacking of the Rosobrnazdor website, the data of more than 14 million former students "leaked". In may 2019, the personal data of 900 thousand OTP Bank, Alfa-Bank and home credit customers were publicly available.
The CIA, the FBI, the ministries of defense of the United States, great Britain, Japan, the European Parliament, the international Olympic Committee, the people's Bank of China, BitTorrent, GitHub, Skype, Tinder, WhatsApp and YouTube services faced data leaks.
Data flows not only through the network. Hackers and insiders often obtain valuable data using removable media, voice messages, SMS, audio and video communication channels, through paper documents, and even by studying the contents of trash cans. Theft or loss of laptops and other gadgets remains a common problem.
Information as a product
The Darknet sells and buys databases that store personal and confidential information. Among the products on this illegal market, there are logins and passwords of administrators of various resources, as well as data necessary for accessing financial and banking information. The most expensive accounts are those that are required to access websites, domains, and other network resources. Often, such data leaves auctions at a price from 125 thousand to 500 thousand dollars for one account.
Antivirus program user data, logins and passwords to file-sharing networks cost $ 1-2 for a valid pair – they are sold in tens of thousands. At a piecework price of several tens or hundreds of dollars, data is used to access social networks. Then such data is used for various scams related to obtaining loans, making installments, and registering dubious companies.
The value of information
It is important that the value of information changes rapidly. If the first buyer receives a database of Bank users at a price of several thousand rubles per record, then after several resales, the record price drops below one ruble. Often, users themselves help fraudsters by providing them with their confidential information when filling out the"raffle questionnaire". It also happens that information provided for obtaining a tourist visa or installment plan "leaks" from the company that is required to store such data.
Multiple use of credentials
A study conducted by the analytical company Digital Shadows showed that in 2020, compared to the previous year, the number of compromised credentials increased 4 times. The main reason is that users use the same or even identical passwords. Hacker software tools like Sentry MBA and OpenBullet can handle millions of valid pairs per day. The data from one successful hack is immediately used for attempts to access other user accounts.
Those who are going to commit a crime on behalf of another person can purchase a "digital identity" on the Darknet, which includes both social media records and data for accessing email, streaming and other services. There is also a service for renting someone else's account on illegal sites with payment based on the time of use.
Medical data and cyber security
According to Kaspersky Lab, in 2020 and 2021, medical information becomes more relevant for hackers than financial and banking information. Health data is used to blackmail and deceive not only the users themselves, but also their relatives. Cybercriminals can potentially change a patient's electronic medical records, making it difficult to make a diagnosis, forcing doctors to prescribe the wrong treatment.
It turned out that even medical research and MRI devices are vulnerable to remote hacking. Back in 2017, the medical equipment company Abbott had to update the software for 465 thousand pacemakers – the vulnerability allowed the hacker to change the patient's heart rate.
Methods of information attack
Hackers who break into banks over the Internet, which are celebrated in popular culture, are mostly a myth. Statistics show that 91% of information attacks on banks are carried out by corrupt employees of the banks themselves, 8% – by Bank intermediaries and only 1% are hackers. The password cracking procedure shown in movies does not take a few seconds, but at least several hours.
There are two main methods of password cracking:
- Dictionary search, in which the attacker tries different combinations of characters. Priority is given to combinations based on the user's first and last name, important dates, and other personal information.
- Research of hashed data on the user's computer to establish patterns that will allow you to find the password.
This is not all the ways available to modern cybercriminals. They also have at their disposal::
- Programs like Keylogger and Form-grabber that record and transmit user actions to a remote computer.
- Backdoor and C&C: software loopholes that allow you to gain control over the system.
- SQL injections that work at the database level.
- XSS attacks that create malicious code on the web server.
- Directory Traversal-an attack by spoofing the directory path on a hosting service.
- Remote File Inclusion-an attack that involves injecting a file or script into the server. Such a file will be a "Trojan horse" for other types of attacks.
What tasks do cybersecurity specialists solve?
Cybersecurity specialists protect the resources of companies and organizations from hacking. Some progress has been made in this direction: large-scale leaks from the Pension Fund, traffic police and other state organizations of Russia have stopped appearing on the web.
The DLP (data-loss prevention) strategy, which is implemented by information security specialists, allows you to control possible data leakage paths. Thanks to DLP, user actions are controlled via email, network protocols, Skype, instant messengers, and applications. DLP does not allow you to write data that is valuable to the enterprise to a disk, flash drive, mobile phone memory, or other external storage device. The strategy also prevents data theft by photographing the desktop screen.
Information security specialists have at their disposal authentication and identification systems based on biometric data, cryptographic protection systems for transmission channels and data carriers, and software solutions for managing encryption keys. Secure corporate VPN tunnels, professional firewalls, and closed cloud services are used.
