DATA SECURITY

WHAT IS DATA SECURITY ?

Data security means protecting digital data, such as those in a database, from
destructive forces and from the unwanted actions of unauthorized users, such as a
cyberattack or a data breach.

# an example on data security showing importance

WHY IS DATA SECURITY SO IMPORTANT ? (P)

When properly implemented, robust data security strategies will protect an

organization’s information assets against cybercriminal activities, but they also
guard against insider threats and human error, which remains among the leading
causes of data breaches today. Data security involves deploying tools and
technologies that enhance the organization’s visibility into where its critical data
resides and how it is used. Ideally, these tools should be able to apply protections
like encryption, data masking, and redaction of sensitive files, and should
automate reporting to streamline audits and adhering to regulatory requirements.

Before an organization can secure data, it has to know what data it has.
This is where a data inventory --a record of all the data created, used and
stored by a company -- is key. The process starts with data discovery, or
learning what and where the data is. Data classification follows, which
involves labeling data to make it easier to manage, store and secure. The
four standard data classification categories are as follows:

1. public information

2. confidential information

3. sensitive information

4. personal information

Data is often further broken down by businesses using common

classification labels, such as "business use only" and "secret."

Sensitive data is often classified as confidential or secret. It includes these

types of data:
  personally identifiable information

 protected health information

 electronic protected health information

 PCI data

 intellectual property

Compounding the difficulty of doing data inventory and classification is that

data can reside in many locations -- on premises, in the cloud, in databases
and on devices, to name a few. Data also can exist in three states:

1. in motion, meaning data that is being transported;

2. at rest, meaning data that is being stored, or data that is at its

destination -- i.e., not transported or in use; and

3. in use, meaning data that is being written, updated, changed and

processed -- i.e., not being transported or stored.

(Story on data security)

1)Yahoo Data Breach (2017)

Date: October 2017

Impact: 3 billion accounts

Yahoo disclosed that a breach in August 2013 by a group of hackers had
compromised 1 billion accounts. In this instance, security questions and answers
were also compromised, increasing the risk of identity theft. The breach was first
reported by Yahoo while in negotiations to sell itself to Verizon, on December 14,
2016. Yahoo forced all affected users to change passwords and to reenter any
unencrypted security questions and answers to re-encrypt them.

However, by October of 2017, Yahoo changed the estimate to 3 billion user

accounts. An investigation revealed that users' passwords in clear text, payment
card data and bank information were not stolen. Nonetheless, this remains one of
the largest data breaches of this type in history.

2)Aadhaar Data Breach

Date: March 2018

Impact: 1.1 billion people

In March of 2018, it became public that the personal information of more than a
billion Indian citizens stored in the world’s largest biometric database could be
bought online.

This massive data breach was the result of a data leak on a system run by a state-
owned utility company. The breach allowed access to private information
of Aadhaar holders, exposing their names, their unique 12-digit identity numbers,
and their bank details.

The type of information exposed included the photographs, thumbprints, retina scans
and other identifying details of nearly every Indian citizen.

3)LinkedIn Data Breach (2021)

Date: June 2021

Impact: 700 million users

Data associated with 700 million LinkedIn users was posted for sale in a Dark Web
forum on June 2021. This exposure impacted 92% of the total LinkedIn user base of
756 million users.

The data was dumped in two waves, initially exposing 500 million users, and then a
second dump where the hacker "God User" boasted that they were selling a
database of 700 million LinkedIn.

Preview of leaked data - Source: 9to5mac.com

The hackers published a sample containing 1 million records to confirm the

legitimacy of the breach. The data included the following:

 Email addresses
 Full names
 Phone numbers
  Geolocation records
 LinkedIn username and profile URLs
 Personal and professional experience
 Genders
 Other social media accounts and details

The hacker scraped the data by exploiting LinkedIn's API.

LinkedIn claims that, because personal information was not compromised, this event
was not a 'data breach but, rather, just a violation of their terms of service through
prohibited data scraping.

Learn about the difference between a data breach and a data leak.

But the leaked data is sufficient to launch a deluge of cyberattacks targeting exposed
users, which makes the incident heavily weighted towards a data breach
classification.

4)Facebook Data Breach (2019)

Date: April 2019

Impact: 533 million users

In April 2019, the UpGuard Cyber Risk team revealed two third-party Facebook app
datasets had been exposed to the public Internet. One, originating from the Mexico-
based media company Cultura Colectiva, weighs in at 146 gigabytes and contains
over 533 million records detailing comments, likes, reactions, account names, FB
IDs and more. This same type of collection, in similarly concentrated form, has been
cause for concern in the recent past, given the potential uses of such data. Read
more about this Facebook data breach here.

This database was leaked on the dark web for free in April 2021, adding a new wave
of criminal exposure to the data originally exfiltrated in 2019. This makes Facebook
one of the recently hacked companies 2021, and therefore, one of the largest
companies to be hacked in 2021.

------------------------------------------ANJU ANILKUMAR-----------------------------------

---------------------------------------------ALWYN REJI----------------------------------------

MOST COMMON TYPE OF DATA BREACHES

1. Stolen Information

While you may think this sounds ridiculous, humans are very capable of
making errors and they often do. Errors that can cost their company
hundreds of thousands, if not millions, of dollars.

Even Apple has fallen prey to data breaches, including when a careless
employee left a prototype of one of their new iPhones lying around. Within
just a few hours, the specs and hardware of the yet-to-be-released phone
were all over the Internet.

Having an employee leave a computer, phone, or file somewhere they

shouldn’t have and having it stolen is incredibly common. And it could
compromise not only new prototypes you’re trying to hide but also
customer or patient information.

2. Ransomware

Ransomware is technically a sub-type of malware, but it’s worth drawing

attention to it separately.

In a ransomware attack, you suddenly get a message stating that all data on
your phone or computer is now encrypted, denying you access to your own
data. With ransomware, the perpetrator will tell you that they will turn the
data back over to you and not release it to the public if you pay a fee. This
can range from nominal to hundreds of thousands of dollars. The problem
here is that you’re dealing with an admitted criminal and paying the ransom
doesn’t guarantee that you’ll actually get your data back or that they won’t
release it later.

Many companies hire risk management solution companies to avoid the

release or deletion of important or compromising materials.

3. Password Guessing

Another really simple, but incredibly damaging issue is when passwords are
stolen. This happens more often than you would think. Some companies
leave passwords for computers on Post-It notes, allowing anyone to access
them, which could have meddling employees accessing the files somewhere
else.

Many people are hacked simply because their password was too easy or
guessable. This type of breach is called brute-force attack and is a very
common method amongst hackers. People often use passwords like the
name of their street, pet’s name, or their birthday, which can make hacking
into their accounts easy.

It goes without saying that if someone has your password, they can go into
your files and find any type of sensitive information on your company they
desire.

4. Recording Keystrokes

Cybercriminals can insert or email you malware called keyloggers that can
record what you’re typing onto your computer. The data is passed back to
the hackers and used to access sensitive data. This can happen at your place
of employment, or on your personal computer.
When this happens, they record everything you are typing – regardless of
whether or not the characters appear on screen. This makes it easy for the
perpetrator to gather passwords, credit card numbers, and sensitive
information you might enter into a database like names, health data, or
pretty much anything else.

This can be used against your company easily, as they will immediately have
your passwords as well as company credit card information. They will then
use these to find and possibly release sensitive company information.

5. Phishing

Phishing attacks come from third-party hackers who create sites that look
incredibly genuine. For example, they may make a site that mirrors PayPal,
and ask you to log into the site for a necessary change. If you log in it
without realizing that you’re not simply logging in to your account, you can
end up giving the hacker your password.

This scheme is common at universities. Students will often get emails from
a third party posing as the school asking them to confirm their login details.
Once they do, the hacker then has their login details to do anything they
please with them. We’ve also seen phishing attacks target Microsoft 365
applications, most notably Exchange Online.

Again, a phishing scheme can compromise the safety of any sensitive

information you or your company possess.

6. Malware or Viruses

Malware or viruses are sent to people with the goal of wiping their
computer of all data. This can be harmful to any company, especially those
who rely on their data. For example, if a malware virus was sent to a
hospital, it could wipe the data of thousands of patients. This could result in
a very serious situation, delaying treatment or even mean the death of
some of those inside the hospital.

In order to prevent these types of viruses, don’t click on anything you

aren’t sure where it is from. Some companies who require that clients or
potential clients email them things will ask them not to attach anything, but
place it in the body of the email. This prevents them from accidentally
clicking on anything that could potentially erase a server.

7. Distributed Denial-of-Service (DDoS)

This attack tends to only target larger companies and is often a form of
protest. For example, if vigilante justice trolls, like Anonymous, decide that
they do not like the way a pharmaceutical company is running and feels it is
taking advantage of patients, they can launch a denial-of-service attack.

A distributed denial-of-service attack is when the attack is launched from

multiple sources simultaneously. With this type of attack, they will make it
impossible for those at work to sign into the system. If sites are
unreachable due to all the traffic from the attack, customers are unable to
access the company’s services. While the data isn’t necessarily lost, they
force the company to shut down while they deal with the security breach,
potentially losing business.

This type of attack does not often happen to individuals, as it takes a large
amount of resources and a very coordinated attack.

-------------------------ALWYN REJI---------------------

----------------------ARAVIND BABU-------------------
Data Security vs. Data Privacy

Types of Data Security

Organizations can use a wide range of data security types to safeguard their
data, devices, networks, systems, and users. Some of the most common types
of data security, which organizations should look to combine to ensure they
have the best possible strategy, include:
Encryption

Data encryption is the use of algorithms to scramble data and hide its true
meaning. Encrypting data ensures messages can only be read by recipients with
the appropriate decryption key. This is crucial, especially in the event of a data
breach, because even if an attacker manages to gain access to the data, they
will not be able to read it without the decryption key.

Data encryption also involves the use of solutions like tokenization, which
protects data as it moves through an organization’s entire IT infrastructure.
Data Erasure

There will be occasions in which organizations no longer require data and need
it permanently removed from their systems. Data erasure is an effective data
security management technique that removes liability and the chance of a data
breach occurring.
Data Masking

Data masking enables an organization to hide data by obscuring and replacing

specific letters or numbers. This process is a form of encryption that renders
the data useless should a hacker intercept it. The original message can only be
uncovered by someone who has the code to decrypt or replace the masked
characters.
Data Resiliency

Organizations can mitigate the risk of accidental destruction or loss of data by

creating backups or copies of their data. Data backups are vital to protecting
information and ensuring it is always available. This is particularly important
during a data breach or ransomware attack, ensuring the organization can
restore a previous backup.

What is a VPN?
A VPN (virtual private network) is a service that creates a
safe, encrypted online connection. Internet users may use a VPN to
give themselves more privacy and anonymity online or circumvent
geographic-based blocking and censorship. VPNs essentially
extend a private network across a public network, which should
allow a user to securely send and receive data across the internet.
How do VPNs work?
At its most basic level, VPN tunneling creates a point-to-point
connection that cannot be accessed by unauthorized users. To
create the tunnel, a tunneling protocol is used over existing
networks. Different VPNs will use different tunneling protocols,
such as OpenVPN or Secure Socket Tunneling Protocol (SSTP). The
tunneling protocol used may depend on the platform the VPN is
being used on, such as SSTP being used on Windows OS, and will
provide data encryption at varying strengths. The endpoint device
needs to be running a VPN client (software application) locally or in
the cloud. The client will run in the background. The VPN client is
not noticeable to the end user unless it creates performance issues.

By using a VPN tunnel, a user's device will connect to another

network, hiding its IP address and encrypting the data. This is what
will hide private information from attackers or others hoping to
gain access to an individual's activities. The tunnel will connect a
user's device to an exit node in another distant location, which
makes it seem like the user is in another location.

Benefits and challenges of using a VPN

Benefits of using a VPN include the following:

 the ability to hide a user's IP address and browsing history;

 secure connections with encrypted data;

 bypassing geo-blocked content; and

 making it more difficult for advertisers to target ads to

individuals.

The challenges of using a VPN, however, include the following:

 Not all devices may support a VPN.

 VPNs do not protect against every threat.

  Paid VPNs are more trusted, secure options.

 A VPN may slow down internet speeds.

 Anonymity through VPNs has some s limitations -- for

example, browser fingerprinting can still be done.

VPN VS TOR

A VPN and the Tor network share a lot in common, but they
have different uses.

Both use proxies that act as relays through which internet

connections are redirected. This hides the user’s real IP
address and location from third parties, making users difficult
to track.

They also both use encryption, which scrambles the contents

of data sent to and from the internet so no third parties can
decipher data that they happen to intercept.

So what’s the difference between Tor and a VPN, and which

should you use?

In principle, VPNs emphasize privacy, and Tor emphasizes

anonymity. While there’s some overlap between these two
concepts, think of it this way: anonymity hides who you are,
and privacy hides what you do.

A VPN encrypts your connection and routes it through an

intermediary server in another location of the user’s choosing.
This server is operated by the VPN provider.

Tor encrypts your internet connection and routes it through a

random sequence of servers run by volunteers.

But let’s get down to brass tacks. What are Tor and VPNs best
suited for?
-------------------------------------ARAVIND BABU---------------------------------------