India has made a name for itself as one of the least secure countries in terms of cybersecurity. With multiple data breaches, hacks and leaks taking place over the past few months, it is slowly becoming clear that education on prominent cybersecurity practices needs to be carried out. More recently, Sulekha, a popular classifieds platform was in the news for putting advertiser’s data at risk due to a security glitch. However, Sulekha confirmed there was no data breach as such and data theft was reported.
Most data breaches in India can be attributed to poor cybersecurity practices or coding issues, leading to compromised security of databases, thus leaking private and potentially sensitive information that can be misused. A report by Comparitech called the Global Risk Report showed that India ranked among the world’s worst in cybersecurity due to many factors.
The question remains, what can be done to ensure that such breaches will not happen in the future.
The Reason For Data Breaches
A quick search on the haveibeenpwned website will show that many data breaches happened not as a direct attack, but due to a small error in operational security that could have been remedied by industry best practices.
By far, the most prominent methods of data breaches occurring is through unsecured databases. In the age of the cloud, databases have moved from solid servers hosted and controlled by websites to data centers where they run in instances.
One of the most prominent methods to create a database is to run a distributed database software, of which MongoDB is one of the most popular one. Data breaches have occurred from something as simple as a synchronized MongoDB left unprotected and facing towards the Internet. This potentially opens up the contents of that database to anyone who knows how to access it.
At the same time, data breaches have also occurred from some of the most unexpected attack directions. A dedicated hacker will find an exploit in one of the most unexpected locations, such as the 8tracks data breach in 2017. This breach was facilitated due to one of the employee’s not enabling 2-factor authentication on their GItHub accounts.
The Harm Of Data Breaches
Data breaches not only harm the website’s reputation, but also cause a gross violation into the personal information of users. In many cases, this has also turned out to be extremely sensitive items, to the point of causing financial leakages of individuals.
The data from such data breaches makes its way onto the dark web, where it is sold for cryptocurrencies to the highest bidder. There exist many data marketplaces who use the credentials to engage in malpractices such as phishing, malware and identity theft.
This causes an unsafe Internet for those whose data has been leaked, leading to a higher likelihood of other cybercrimes occurring. While this not only means that the user has to be more careful for no fault of their own, but also that they will be the target of many more crimes due to the wide availability of their personal data.
How To Protect Against Breaches
While it is clear that there is no way to protect every single attack vector, there still exist ways which can protect from the probability of 95%+ of those scenarios. Cybersecurity professionals maintain that there is no such thing as being “unhackable”, due to the code containing exploits no matter who it is written by.
These approaches can be formulated into a checklist that will ensure protection against all but the most obscure and unpredictable attack vectors. Some of the more obscure vectors also include various methods of social engineering attacks, simply due to the sheer likelihood of it not working.
Socially engineered attacks stand as being different from traditional cybersecurity attacks, as they tend to exploit human error as opposed to weak code. A typical example of this is phishing for identity theft, which generally involves the hacker masquerading as an individual in order to gain access to their phone number, which in turn will be used to bypass 2FA.
Even this kind of attack can be prevented by simply education public-facing employees on how social engineering occurs. Similarly, simple and easily replicable tasks can be used to grant a high level of security to databases.
This includes incremental updates and patches to software as soon as they are available, and, conversely, upgrading the software when it is no longer supported by the manufacturer. Many companies also enforce security policies on employees bringing their own devices and working on them, as this opens up the possibility of uncontrolled attack vectors.
Encryption for sensitive data should not only be something practiced by companies with big databases, but also by individuals. In case of the data being lost, it is rendered useless as many modern encryption methods take a long, long time to be broken.
Multi-factor authentication and good passwords are also a prerequisite, along with general Internet safety measures to avoid keyloggers and malware. These steps alone will remove multiple different attack vectors, lessening the likelihood of a data breach.
