Information is the oxygen of the modern age. It seeps through the walls topped by barbed wire. It wafts across the electrified borders. Ronald Reagan
Understanding the terms ‘Cyber’ and ‘Security.’
‘Cyber’ is a technical term derived from ‘cybernetics’ from a Greek word kubernētēs which is an abbreviation for the science of communications and automatic control systems, basically relating to computers and the internet. Now, why is Cyber used? All the information of this world, be it critical or general, is now on the Internet, from secret governmental plans to personal user data (photos, videos, documents, etc.) is all with a big brother who is watching all this information flow through. I just cleared you with the fact that what is Cyber and why is it important.
Let’s come straight to the point: what is Cyber Security? We just learned all the information we need to keep it safe, which requires some methods. These methods can be examples of different Penetration Testing tools that generally are used by black hat hackers or by Reverse Engineering, which reverses the attack done on the sensitive information for making it back to normal.
‘Cyber Security’ basics
All the information stored on multiple servers, which contacts the cloud for universal accessibility, is vulnerable to infinitely many attacks. Once the hacker identifies the flaw in the system, he gets in, grabs all that he gets, and rushes off, leaving almost no traces of his brutal invasion but instead leaves the analysts with even more confusion. To prevent colossal data losses, the economy falls, we need talented analysts and even more efficient tools for backing away the bad guys and having a safer, comfortable online experience.
The most extensive data breach in history indirectly involved Experian, one of the three central credit reporting agencies. Experian acquired a company called Court Ventures, which gathers and aggregates information from public records, in March 2012. At the time of the acquisition, Court Ventures had a contract with a U.S. Info Search company. The agreement enabled customers of U.S. Info Search to access the company’s data to find individuals’ addresses that would help them determine which court records to review. Court Ventures sold information to some third parties, including a “Vietnamese fraudster service,” which then provided its customers with the opportunity to look up Americans’ personal information, including financial information and Social Security numbers, used for identity theft in many cases. As Experian explains, “After Experian’s acquisition of Court Ventures, the U.S. Secret Service notified us that Court Ventures had been and was continuing to resell data from a U.S. Info Search database to a third party, possibly engaged in illegal activity. The suspect, in this case, posed as a legitimate business owner and obtained access to U.S. Info Search data through Court Ventures before the time Experian acquired the company.” Experian maintains that no Experian databases were breached; U.S. Info Search’s databases were the consumer information source. Some news sources cite 200 million records breached in this incident, which continued for more than ten months after Experian acquired Court Ventures, although DataBreaches.net reports that 200 million is the figure representing the total number of records stored in the database that was breached. The actual number of records exposed, according to Experian, is unknown but believed to be much lower.
This is from a reputed website called digitalguardian.com, which makes us aware of one of the most massive data breaches in history.
Some sources for in-depth knowledge about breaches
Verizon’s annual Data Breach Investigations Report has become a security industry favorite for its assessments of thousands of data breaches that it investigates with the help of the U.S. Secret Service and several partnering security organizations. Every year the DBIR sets out to analyze major trends in data breaches, victims being targeted, attack patterns, and more.
DataLossDB is an open-source, community-maintained research project that covers publicly-disclosed data breaches across the globe. The site provides details around data loss incidents as well as analysis of historical data breach trends.
IT Business Edge provides a slideshow illustrating 8 Ways to prevent data breaches, including tips such as instituting end-user security awareness, performing regular vulnerability assessments, and other helpful tactics.
Data Breach, Today is a multimedia news resource and a vital source of information on the latest data breaches, their impact, and strategies for preventing companies from falling victim to cybercriminals.
Data Breach Watch is another resource reporting on discovered data breaches, news, and trends impacting both consumers and companies in every vertical.
The Global Privacy And Consultancy Law Blog is an excellent resource for companies faced with stringent and ever-changing security regulations and compliance requirements.
The Hill takes a critical look at data breach prevention practices in light of the alarming statistics on the number of data breaches and their subsequent fallouts in 2014. As this article points out, the number of data breaches that involved 100 million customer records or more doubled in 2014. One billion data records were either lost or stolen in 2014, a 71 percent increase over 2013. “It’s time that executives and information security professionals accept the fact that their companies will be breached and start thinking outside the box when it comes to data security. To be in denial of this truth is not to accept reality.”
This article from The New York Times discusses strategies for minimizing the risk of a data breach in light of the significant breaches impacting some of the world’s largest companies in recent history. One suggestion, for instance, is minimizing or eliminating the unnecessary storage of data. “Companies also need to think carefully about what data they are collecting and storing. By keeping lots of sensitive information, they place themselves and their customers at considerable – and in some cases unnecessarily greater – risk than if they had deleted the data or never collected it. To take one startling example, security experts say there was absolutely no reason for Target to have stored the four-digit personal identification numbers, or PINs, of their customers’ debit cards.”
With this blog, my mission was not to make you afraid about hackers and hacks, and I want to conclude that to stop the significant data breaches the world suffered through the history, we need talented analysts, efficient tools, and positive brains for our help!