SECURITY EVANGELIST

Drip, drip, drip…

The sound of the leaking faucet called for my attention.

Drip, drip, drip…

These annoying little drops of water kept reminding me that I had to do something about it. It was there and I just couldn’t ignore it any longer.

It struck me that we never think of cyber security the same way. Although so many Internet users are victims of data leakage, they can’t hear the drip, drip, drip…


What is data leakage?


Although it’s usually used in the context of data breaches in large companies and institutions, data leakage is a big threat for home users as well.

It’s not me that’s saying it, but rather industry reports such as the 2015 Global Data Leakage Report.

[Image: data leak statistics]

Remember this graphic, because I’ll show you how not to become part of this statistic. But let’s get through the basics first.

In the simplest way, a data leak happens when you lose sensitive information and this loss puts you at risk, whether personally, professionally, emotionally or financially.

Although the term may be used interchangeably with data loss, you should know that data loss sometimes refers more to data that has been destroyed or corrupted. Naturally, the two terms have one thing in common: the fact that the data either ended up in the wrong hands or was irreversibly damaged.


Types of data leakage


Some key facts you should know about data leakage include that:


1. It’s usually caused by malicious outsiders.

Almost 2/3 of the total volume of personal data compromised in 2015 leaked after external attacks. The most notorious incidents of 2015 were associated with illegal actions of hackers, intrusion into companies’ infrastructure, and stealing aggregated data about employees and clients.

Source.

While you may think that these statistics are focused on data leakage in companies, consider that the data which was stolen belonged to people like you and me. This kind of loss affects institutions and businesses of all sizes, but it also hurts the people whose confidential information was nicked.


2. The browser is where most of the confidential data is extracted from.

The browser is our main gateway to the Internet and it’s probably the most heavily used app on your PC as well. You may not realize that, because it’s part of your daily habit, but cyber criminals know it very well.

So they’ll use your browser’s vulnerabilities to find security holes they can exploit to infect your computer with malware.

Once they’re in, the objective is not just to use the malware to wreak havoc. That’s not a big money-maker (except for ransomware). While one stage of the infection takes control over your system, another phase focuses on extracting as much potentially valuable information as possible.

Mobile devices, removable media (USBs, CDs, external drives, etc.), emails and instant messages are also sources ripe for malicious hacking.
Source.

[Image: data leaks by channel, 2015]


3. Data leaks are caused intentionally.

While data loss can be accidental (spilling your morning coffee all over your laptop or accidentally deleting a file), data leakage is the consequence of an intended action.

From theft (either digital or physical), to black hat hacking, from sabotage to other malicious acts, someone has to want to steal that information. It can’t just burglarize itself.


4. Personal and financial data is the most exposed.

You would’ve surely figured this one out by yourself, even if there weren’t any industry statistics.

90.8% of data leaks exposed personal data. More than 965.9 million records have been compromised over the reporting period [2015].

[Image: leaks by data type, 2015]

Along with personal data, financial information is a top target for cyber criminals. The “why” is quite obvious here, but it’s not always the case.


Why cyber criminals want your data


You’d be surprised at the quantity of information that cyber criminals steal. The thing is that you may not understand why they loot some of it. This is where I come in and try to shed some light on the matter.

Cyber criminals steal intellectual property because they can sell it or use it to blackmail the victims (in a “pay up or we’ll make it public” kind of situation).

Example: the notorious Sony hack.

Cyber criminals break your email’s username and password to get to its contents. From your emails and instant messages, they can extract valuable information, such as credentials for other accounts, receipts for online purchases (which often include even more private data), travel calendars and many more details.

Your emails and messages also include confidential conversations between you and your family, friends, coworkers and other… sensitive people in your life. I bet you’d like to keep those private.

Example: the data breach targeting Rambler, the Russian email service, which exposed the login credentials for almost 100 million email addresses. Or the Dropbox one.

Cyber criminals steal the contacts in your email account and on your phone, so they can use them to spread malware even farther. Your contacts might be targeted in spam campaigns carrying all types of malware or they might become victims of phishing attacks.

Example: the way that CryptoLocker ransomware works.

[Image: types of information that cyber criminals can gain through data leakage]

Cyber criminals steal your postal address, date of birth and other personal information so they can use this data to breach other accounts or to impersonate you (identity fraud). This is the same reason why they will go after your bills, contracts and other important documents.

Example: a true story as told by an identity theft victim.

Cyber criminals steal your financial information (card details, account details, online banking credentials, etc.) so they can get access to your bank account and empty it.

Example: the notorious GameOver Zeus malware and its vicious consequences.

Cyber criminals retrieve your system configuration to see how their malicious software managed to deflect your defenses. By analyzing its effectiveness, they can improve the malware and make it stealthier and more penetrating.

Example: Teslacrypt 4.0’s improved data leakage capabilities.

Clearly, motivations are abundant. Unfortunately, cyber crooks don’t lack the means to achieve their objectives either.


Malware attacks which cause data leakage


Obviously, not every cyber attack also includes data leakage in its set of goals, but many of them do.

Spyware, Trojans, ransomware, worms and viruses are the most notorious types of malicious software that can cause data leakage.

[Image: types of cyber attacks that cause data leakage]

If we were to pinpoint the most dangerous one, that would most likely be financial malware. Because it’s a big money-maker, financial malware is highly sophisticated and can persist in the infected system for a long time without being detected.

Some of these second-generation malware types can impersonate harmless software at first. But once installed, they will use your Internet connection to download the latest version of the actual malware used in the attack. Signature-based antivirus protection is futile in this case.

Also, you should know that current-day malware is incredibly complex and flexible. This allows cyber criminals to pack together multiple threats and add data exfiltration capabilities to malicious software that wouldn’t normally feature this option.


Risky behavior exposing you to data leakage


Here’s an opportunity to check whether you’re exposed to data leakage.

Do you find yourself guilty of the following?

  1. I don’t keep my software (apps, browsers, etc.) and my operating system up to date by installing updates as soon as they’re released.
  2. I don’t use antivirus and additional layers of security that can protect me against second-generation malware (such as traffic filtering).
  3. I don’t pay attention to password security and I reuse passwords.
  4. I use public Wi-fi networks for online banking and online shopping.
  5. I frequently share personal details on social media or in emails.
  6. I don’t use two-factor authentication.
  7. I don’t have alerts set up for my banking account.
  8. I don’t have anything to hide or nothing valuable that cyber criminals may want.
  9. I open emails from unknown senders.
  10. I download and open attachments from unknown senders.

This is not meant to be an incriminatory interrogatory, but rather a way to evaluate your own cyber security practices. You may find out that your online safety measures are inadequate, but that doesn’t mean you can’t make a change for the better.


The cost of data leakage




Before we move to protection advice, I’d like to suggest you take a moment to consider what losing confidential data might cost you.

I’m not talking just about the financial consequences, but also about some other types of impact that maybe haven’t crossed your mind.

The cost of data leakage is directly correlated with how valuable the data is for you and for how long you can’t access/use it.

When analyzing the value of your sensitive information, consider the following:

  • How much it would cost you to continue your life/work without that data
  • How much it would cost you to recreate that data
  • How much the loss of this data would affect others (coworkers, friends, family members, etc.).

It’s one thing to have your cooking recipes stolen and a completely different one to have your bachelor’s diploma taken away from you before you’ve had a chance to finish it or back it up.


Critical steps to take after detecting information leakage


Successfully recovering from data leakage requires that you act quickly and make the right decisions. It’s also very useful to have a plan in place, so you can follow it without having to start from scratch.

Here are some useful steps to help you start building your plan today:

1. Evaluate the loss, if possible. Determine what the attacker stole so you can know how to prioritize your actions.

2. Isolate the affected device or account. Don’t start your PC, as you could create additional damage. Malware only works as long as the device is on, because it can’t communicate over the web if the system is shut down.

3. Trace your steps and try to see how the hack could have occurred.

4. Change all your sensitive passwords.

5. Report the leak to the platform you had your account on or to the bank, if it’s the case. Ask them to monitor for suspicious activity and block it automatically, if possible.

6. Try removing the malware or ask for professional help.

7. Report the data leak to the authorities, so you can get additional support, if needed.


Data leakage prevention checklist


While it’s great to have a plan in case you should ever be affected by data leakage, it’s even better to prevent it from happening.

Here’s what you have to do so you won’t get hit by malware with data exfiltration capabilities:

Remember that data leakage happens through a malware infection which uses your Internet connection to move the data out of your PC and to websites and servers controlled by cyber criminals.

If you want to stop it (and you should), sanitizing your Internet traffic and blocking those malicious connections is key! For example, this is one of the main reasons why people chose Heimdal PRO, because it blocks communication between your PC and cyber criminal infrastructure.

Now that you’ve read this guide, do you think your computer is data exfiltration-proof or is it as leaky as a sprinkler?


If you have any questions about data leakage that you’d like answered, I’d be happy to help. Just leave a comment below.
