The importance of personal or business data is usually taken for granted, until it gets compromised. It is after this that the magnitude of the loss hits home, as most consumers do not give much thought to the protection or the backing up of their data.
The risks for both individual and corporate users is high, with access to fast internet connectivity and reduced cost of ownership for end user devices – laptops, desktops and mobile phones.
As an individual, you may be targeted probably because you store credit card information, ATM PINs, email access particulars and a myriad of other information in plain sight. The international market for this information is very lucrative with credit card information for example fetching 60 dollars per record, according to a report by the ITU.
Social engineering is one of the more common ways that non-physical data espionage happens, with individual users duped into disclosing information. Many consumer facing organizations have websites that are well publicized and standard naming structures for their email addresses. It is therefore not difficult to create fictitious web pages or email addresses with similar structures and use this to obtain information from an unsuspecting public.
Most of these social engineering attacks will take the form of service upgrades or account confirmation – We have just upgraded our banking platform and would like you to confirm your account details. Click here to confirm.
Corporate attacks center more on the acquisition of trade secrets, consumer data or simply crippled operations. Attacks are much harder to carry out as most corporate systems have at least a basic layer of security. Nevertheless, if there is any connection to the outside world, no system is immune to attack and infiltration. Data interception, manipulation and rerouting are common on this front. Access to the systems may be via a trojan; that harmless power point that the receptionist opens, has a laugh and forwards to the entire sales team but has a nasty payload that once introduced to the network will install backdoor access and relay system vulnerabilities and access loopholes via legitimate communication to third parties.
With services moving to the cloud – software as a service, the control offered by closed systems for and traditional offline information storage like the good old notebook is diminished. As you embrace new technology, do not skimp on the basics and fail to protect your data. Life and business revolve around it.