Staying Ahead of Data Breaches
At a time of increased vulnerability, a single-layer approach to security is no longer sufficient. Since your confidential data passes through different layers, securing data at every level is crucial.
Cyber criminals have been known to attempt to infiltrate our systems since the early 1980s. Banking and financial data in particular is frequently sought after by hackers and similar looters, which accounts for highly targeted and sophisticated cyber heists across the globe. The Bangladesh Central Bank robbery, in which unknown hackers breached its computer systems and got away with $81 mn while attempting to steal $951 mn from its account at the Federal Reserve Bank of New York, exposed very serious flaws in security and confirmed that our financial infrastructures remain vulnerable in terms of complete security deployment.
What follows such a breach is the obvious monetary loss, combined with the cost of notifying data subjects, investigation and breach control. The organizations involved may also end up facing (potential) lawsuits and penalties. However, the most severe ramification is the damage caused to customers’ trust and the corporate brand, and the decline in share value.
INADEQUACIES LEADING TO CYBER BREACHES
Technological advances over the last decade or so have completely changed the way we use, store and transfer data. With the growing use of the Internet, higher adoption of smart devices, and increased adoption of the cloud, we are becoming increasingly vulnerable to security threats such as data breaches, identity theft and fraudulent transactions. Banking and financial services are also becoming increasingly digitised, and private information such as credit card details, ATM PINs and account authentication details is stored and processed digitally, which gives hackers more vulnerable entry points.
Here are some of the most common methods used by hackers for cyber breaches:
Trojan horse program: Using this program, intruders trick you into installing a ‘back door’ through which they can penetrate the system. In the case of the Bangladesh Central Bank heist, the hackers installed some type of malware (possibly a Remote Access Trojan – RAT) in its computer systems a few weeks before the incident and observed how money was withdrawn from its United States account.
Denial-of-service (DoS) attack: In a denial-of-service (DoS) attack, the target computer is made to crash or to become so busy processing data that you are unable to access it.
Cross-site scripting: A malicious script is attached to something sent to a website, such as a URL, exposing the web browser.
Phishing: Phishing attacks could either be in the form of an email from a trusted source asking for personal
www.dqindia.com