Data security describes the protection of digital data from a cyberattack or a data breach. A data breach is the unauthorized opening of data, typically to read or copy the information. Stolen data may contain confidential information, such as customer data, credit card numbers, or trade secrets. A cyberattack is much more aggressive. It is an effort by hackers to cripple or destroy a computer system or network.
For example, a few years ago, hackers attacked a petrochemical plant located in Saudi Arabia and gained control of a critical safety shut-off system used for catastrophic events. Malicious software, called Triton or Trisis, was used, which can run unapproved programs. The malware can also scan and map the control system, providing reconnaissance and issuing commands. Once this type of malware (called a RAT or Remotely Accessible Trojan) has invaded a system, it takes control by way of a remote network connection. This presents a new phase in attacks on the control systems of utilities, chemical plants, and factories.
CyberX, an industrial cybersecurity firm, believes Triton/Trisis was developed by Iran, to target organizations in Saudi Arabia.
Data security became a significant concern in the 1980s, a time when computer clubs began forming, as did malware. The very first viruses were mistakes – an error within the algorithm, with the ability to replicate itself. After the discovery of their existence, viruses were often designed to communicate a joke, or perhaps proof of someone’s programming abilities. Interest in viruses, particularly malicious viruses, continued to grow. In 1985, a German computer engineer, named Ralf Berger, gave the keynote speech for the Chaos Computer Club (currently, Europe’s largest hacker’s club), encouraging others to explore this new aspect of computer programming.
- The Brain Virus
The first deliberately malicious computer virus, referred to as Brain, was developed in 1986, and attacked floppy disks. (Originally, the program was used by the IBM PC, to follow and trace a heart monitoring program, of which pirates had been distributing illegal copies.) The virus aspect was developed by two brothers, Amjad and Basit Farooq Alvi, who claimed they were worried their software was being copied. Brain works on IBM PC computers, altering a floppy disk by replacing its boot sector with the virus. The virus slows down the disk drive and blocks seven kilobytes of memory.
The Computer Fraud and Abuse Act became law the same year, but did not cover viruses.
Viruses and hackers were creating chaos at an alarming rate in the 1990s, and the “modern” version of data security came into being. Efforts were made to block unauthorized entry into computer systems, and warnings and memos were issued to computer staff on ways to detect viruses. These efforts included making isolated backups, so the data, if corrupted in the computer, was still available at a separate location. Software quickly became a popular method for storing backup data. Passwords and encryption became popular in terms of blocking hackers.
- The Solar Sunrise Breach
In 1998, two sixteen-year-olds in California, and their 18-year-old mentor in Israel, hacked into the U.S. Department of Defense’s computer systems and gained control of computer systems operated by the government, the military, and private sectors. The attack was performed with the help of a virus, and initially investigators suspected Iraqi hackers were responsible. The DoD was very concerned, and requested help from NASA, the FBI, the CIA, and the US Department of Justice. The operation to catch the attackers was known as ‘Solar Sunrise’ and, after the attacks, the Defense Department took drastic actions to prevent future incidents of this kind.
The New Millennium – 2000s
In the 21st Century’s first decade, malicious internet activity was transformed into a profitable criminal activity, focused primarily on monetary gain. The Sobig Worm was a computer worm that infected millions of Internet-connected, Microsoft Windows computers in August 2003. This was closely followed by the infamous “MyDoom,” in 2004.
Sobig is both a computer worm (it replicates by itself) and a Trojan horse (pretending to be something other than malware). The Sobig worm appears as a normal email, with an innocent subject heading, such as, “Thank you!” and an attachment designed to spark your interest, and get you to open it.
MyDoom, described as the world’s most vicious worm, was discovered in January of 2004. It comes as an email attachment, and is activated when opened. It originally came with a preprogrammed end date of February 12, 2004. The end date actually means very little, partly because the worm opens a backdoor that allows the worm’s creator to access your computer, at any time, and partly because “new” internet criminals have started using it. The email worm, MyDoom, is still around, and still active.
Those in the computer security community agree that the MyDoom virus family has far surpassed the damage caused by any other malware, including Sobig. Ian Hameroff, a security associate at Computer Associates, said:
“The biggest damage is the denial-of-service attacks (DOS). There is no other damage to the data. It’s more a loss of productivity, so far.”
Large Data Breaches
In this current decade, data breaches and cyber attacks have grown in scale, with tactics and access strategies evolving.
Major computer attacks were taking place all over the world in this decade. In March of 2012, a major credit reporting agency within the United States suffered the largest big data breach in history. They had purchased a business called Court Ventures, which used public records to collect information.
Court Ventures sold information quite regularly to third parties. One third party was a “Vietnamese fraudster service,” who offered its customers the personal information of many Americans, including financial information and Social Security numbers.
The breach went on for over 10 months, after the acquisition of Court Ventures. Though the true number of exposed records is unknown, it is estimated over 200 million records were breached.
“After the acquisition of Court Ventures, the U.S. Secret Service notified us that Court Ventures had been and was continuing to resell data from a U.S. Info Search database to third parties, possibly engaged in illegal activity. The suspect in this case posed as a legitimate business owner and obtained access to U.S. Info Search data through Court Ventures.”
- The Target Breach
In 2013, hackers accessed Target’s servers, and stole the personal information of roughly 70-110 million customers. This particular data breach incurred an estimated loss of over $162 million. The data came from shoppers visiting Target stores for three weeks, starting the day before Thanksgiving. Target was unaware of the attack, and did not detect it on its own. It was instead alerted by credit card processors, who noticed an upsurge in fraudulent transactions using credit cards previously used at Target.
- The Yahoo Breach
Also in 2013, all 3 billion of Yahoo’s email customers became victims of cybercrime. The breach was discovered during a review of data supplied by law enforcement in 2014. Andrew Komarov, chief investigator for InfoArmor, and contracted by Yahoo, discovered evidence a darkweb seller was offering a list of over one billion Yahoo accounts, for roughly $300,000.
- The Adult FriendFinder Breach
In mid-October of 2016, more than 412 million accounts in the FriendFinder Network were breached, with hackers collecting twenty years of data, stored on six databases that included names, email addresses and passwords. The six databases included adult content and casual hookup websites, such as Adult Friend Finder, Cams, Penthouse, and Stripshow. The majority of passwords were weakly protected by only a SHA-1 hashing algorithm, and were easily bypassed.
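The weakness of unsalted SHA-1 password storage, and one way to move such records to a salted, slow hash, shown as an added Python example that is not part of the original article. The PBKDF2 work factor, the record format, and the sample users are assumptions made for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed PBKDF2 work factor; tune for your hardware
PREFIX = "pbkdf2_sha256$"

def legacy_sha1(password):
    """Unsalted SHA-1: the same password always gives the same hash."""
    return hashlib.sha1(password.encode()).hexdigest()

def hash_password(password):
    """Salted, deliberately slow hash; the record stores its own parameters."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{PREFIX}{ITERATIONS}${salt.hex()}${dk.hex()}"

def verify(password, stored):
    if stored.startswith(PREFIX):
        _, iters, salt_hex, dk_hex = stored.split("$")
        dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), int(iters))
        return hmac.compare_digest(dk.hex(), dk_hex)
    return hmac.compare_digest(legacy_sha1(password), stored)

def login(db, user, password):
    """Check the password; rehash a legacy SHA-1 record once it verifies."""
    stored = db.get(user)
    if stored is None or not verify(password, stored):
        return False
    if not stored.startswith(PREFIX):
        db[user] = hash_password(password)
    return True

def shared_hash_groups(db):
    """Users whose stored hashes are identical, i.e. who share a password."""
    groups = {}
    for user, stored in db.items():
        groups.setdefault(stored, []).append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)

def sample_db():
    # Constructed sample records, not data from any real breach.
    return {"alice": legacy_sha1("sunshine1"), "bob": legacy_sha1("sunshine1"),
            "carol": legacy_sha1("correct horse battery")}

if __name__ == "__main__":
    db = sample_db()
    print("before:", shared_hash_groups(db))
    login(db, "alice", "sunshine1"); login(db, "bob", "sunshine1")
    print("after: ", shared_hash_groups(db))
```

With unsalted SHA-1, anyone holding the table can see which accounts share a password; after migration each record has its own salt, so the same password no longer produces matching hashes.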
- The 2015 Voter Database Breach
A database, with the information of 191 million voters, was exposed to the open internet in late 2015. It is unknown how many people accessed the “accidental” breach. The problem was a result of human error. The database had been incorrectly configured and left open to the internet. The exposed data included the personal information – email addresses, mailing addresses, names, party affiliations, dates of birth, and more – of all the registered voters within the 50 states, as well as the District of Columbia. This was, to date, the biggest U.S. government data breach in history.
Data Security as a Reality
Data breaches can take place for a variety of reasons, ranging from hackers to losing a device with unencrypted information to accidentally opening a website’s private information to the general public.
The number of data breaches has increased steadily year by year. Measures are constantly being taken by organizations to increase their data security; it’s a multi-billion dollar industry. Unfortunately, criminals are constantly finding new methods and techniques to hack into a business’ database, and human error is a constant reality. The information preferred by hackers includes names, social security numbers, dates of birth, and other personal information used to steal identities. Preventing data breaches requires discipline, a plan, and a defensive mindset.