This was one email that Air India customers certainly did not expect or ever want. On 22 May, the airline revealed that 10 years’ worth of its customer data, including credit cards, passports and phone numbers, was leaked in a massive cyber-attack on its data processor in February. The incident has affected around 45 lakh customers registered between 26 August 2011 and 3 February 2021, according to Air India.
The ‘highly sophisticated’ attack was targeted at Geneva-based passenger system operator SITA, which serves the Star Alliance of airlines including Singapore Airlines, Lufthansa, and United, but also Air India. The leaked data, according to Air India, included names, dates of birth, contact information and ticket information, frequent flyer numbers and credit card data, but not passwords. This would hardly provide any consolation to the airline’s customers.
This wasn’t the first data breach, and it certainly may not be the last. For example, there was a sense of deja vu this April when Alon Gal, a security researcher at cybersecurity firm HudsonRock, tweeted that personal data from 533 million Facebook accounts was leaked online for free. A Business Insider report later said it verified several of the records, which were from 106 countries, including 6 million in India. The data included user “…phone numbers, Facebook IDs, full names, locations, birthdates, bios, and — in some cases — email addresses.”
According to the 2019 Q3 Data Breach QuickView Report, there were 5,183 breaches reported in the first nine months of 2019, exposing 7.9 billion records. The numbers have only increased exponentially since then.
For example, data from over 500 million LinkedIn users—including user IDs, full names, email addresses, phone numbers, professional titles, and other work-related data—has been hacked, according to security news and research group CyberNews.
While LinkedIn clarified that the data set does not include sensitive information like credit card information or social security numbers, the fact remains that the leaked data could help hackers use the email addresses and phone numbers to spam or even loot people online. Users can see whether their data has been compromised by the incident by accessing sites like Have I Been Pwned, which list major data breaches.
Our own research reveals that data breaches take place almost daily but remain undetected for about 270 days on average.
Data breaches can prove expensive to users, since hackers are bound to use the information for social engineering (advanced phishing), scamming, ransomware, spamming and marketing, causing users a huge amount of misery and, in many cases, financial losses too. Companies, too, will have to bear the brunt in terms of brand reputation and penalties. The United Kingdom’s data privacy watchdog, the Information Commissioner’s Office (ICO), for instance, fined the Marriott Hotels chain GBP 18.4 million (approximately Rs. 190.30 crores) last year for a major data breach that may have affected up to 339 million guests in 2018.
The pandemic, which has accelerated the process of digitalisation in enterprises, has paradoxically accentuated these cyber maladies too. In addition, as workers increasingly work from home, they begin accessing more data in the cloud, calling for increased security measures in companies and on the user devices that access this data.
In this context, it’s first important to define the cloud. Companies may be using public cloud services that could include software-as-a-service (SaaS), infrastructure-as-a-service (IaaS), and platform-as-a-service (PaaS). They could also host their data on their premises – a trend referred to as private cloud. Or they could be using a combination of both private and public cloud services – a trend referred to as hybrid cloud.
Each of these scenarios demands a nuanced cloud strategy, since the cloud provider and cloud customer will share different levels of responsibility for the security of the data. Further, the solution that a security vendor provides needs to detect and respond to security risks in real time, irrespective of where the user is operating from – home, office or travelling.
While no vendor can claim to possess any silver bullet that can provide blanket cloud security, it is vital that companies know the location of their data; what data they have stored in the cloud; who has access to it and whom they are sharing it with, and on which device.
Here is what works for most clients.
First, the solution must provide an intuitive user interface that enables visual analytics, a multi-dimensional view of the data, and tools to slice and dice information in ways that will enable companies to take speedier action when an anomaly is detected.
Second, cloud-native applications rely on the environment for telemetry – the automatic collection and transmission of data to centralised locations for subsequent analysis. Hence, the solution must allow not only for cloud telemetry but also for telemetry for the data that resides on endpoint devices like smartphones, tablets and laptops that are being used by workers who are travelling or at home. Third, these endpoint devices can be powered by Linux, Windows, or Mac, which implies that the solution must be operating-system agnostic.
Fourth, companies must include Cyber Situational Awareness (CSA) capabilities in their arsenal. CSA is critical when talking about cybersecurity, simply because, as in traditional warfare, cybersecurity teams need to understand where the threats reside, where they’re coming from, and how they mutate over time, among other things.
Fifth, it is important to note that artificial intelligence (AI) systems can be used to identify and predict attack patterns, thus dramatically decreasing the response time. The problem, though, is that if a company is using a basic machine learning (ML) system, which has been trained on historic data, this system won’t be able to spot new threats, since hackers too are using AI systems.
Sixth, retraining your workforce, as consultancy firm McKinsey notes, is another critical aspect of cybersecurity. This is important since the typical technology workforce of an enterprise is trained in developing business applications in the traditional IT framework, but most of them need to be reskilled or upskilled for the cloud environment, McKinsey insists.
Some of these issues become critical since, with fifth-generation, or 5G, networks soon to replace 4G networks, cloud security will become more imperative, particularly when it comes to protecting end-user devices. The reason is that 5G connects more devices than earlier technologies, expanding the surface for cyber-attacks and making it riskier for companies.
Naveen Jaiswal is the Co-Founder and Head of Research & Development at Vehere.
Disclaimer: The opinions expressed within this article are the personal opinions of the author. NDTV is not responsible for the accuracy, completeness, suitability, or validity of any information in this article. All information is provided on an as-is basis. The information, facts or opinions appearing in the article do not reflect the views of NDTV and NDTV does not assume any responsibility or liability for the same.