New Delhi, Nov 12 , As India becomes the most targeted country, with 13.7 per cent of all cyberattacks, followed by the US, Indonesia and China, millions of people are at 24/7 risk of losing their personal data.
Data breaches can change the course of your life. Whether you are offline, online, hackers can get to you through the internet, Bluetooth, text messages, or the online services that you use.
The most common causes of data breaches are weak passwords, application vulnerabilities, malware, social engineering, too many permissions, insider threats, physical attacks and improper configuration (user error).
According to cyber-security company Kaspersky, mistakes happen and errors are made.
Without proper attention to detail, a small vulnerability can cause a massive data breach. Since many people are unaware of how common modern security threats work, they don’t give it enough attention.
“As our computers and mobile devices get more connective features, there are more places for data to slip through. New technologies are being created faster than we can protect them,” according to Kaspersky.
Many “smart home” products have gaping flaws, like lack of encryption, and hackers are taking advantage.
The assumption is that a data breach is caused by an outside hacker, but that’s not always true.
According to security researchers, reasons for how data breaches happen might sometimes be traced back to intentional attacks. However, it can just as easily result from a simple oversight by individuals or flaws in a company’s infrastructure.
A malicious insider purposely accesses and/or shares data with the intent of causing harm to an individual or company. The malicious insider may have legitimate authorisation to use the data, but the intent is to use the information in nefarious ways.
An unencrypted and unlocked laptop or external hard drive — anything that contains sensitive information — goes missing. These are hackers who use various attack vectors to gather information from a network or an individual.
Phishing is a social engineering attack designed to fool you into causing a data breach. Phishing attackers pose as people or organisations you trust, to easily deceive you. Criminals of this nature try to coax you into handing over access to sensitive data or provide the data itself.
In a more brash approach, hackers might enlist software tools to guess your passwords.
Although a data breach can be the result of an innocent mistake, real damage is possible if the person with unauthorised access steals and sells Personally Identifiable Information (PII) or corporate intellectual data for financial gain or to cause harm.
“The vast majority of data breaches are caused by stolen or weak credentials. If malicious criminals have your username and password combination, they have an open door into your network. Because most people reuse passwords, cybercriminals can use brute force attacks to gain entrance to email, websites, bank accounts, and other sources of PII or financial information,” the security researchers advised.
For individuals, identity theft is a major threat. Data leaks can reveal everything from Aadhaar numbers to banking information. Once a criminal has these details, they can engage in all types of fraud under your name. Theft of your identity can ruin your credit, pin you with legal issues, and it is difficult to fight back against.
From the ever-evolving menace of cyberbullying to the intricacies of phishing and identity theft, online threats are evolving in both sophistication and intensity.
In fact, 74 per cent of respondents in India reported experiencing an online safety risk in the past year, as per Microsoft’s Global Online Safety Survey 2023.
Multi-Factor Authentication (MFA) adds an extra layer of security to your accounts, but it is not foolproof. Hackers are finding new ways to bypass MFA systems, so it’s important to stay informed and use the latest MFA methods, such as using a code sent to your phone or a fingerprint scan.
Picture it like having a guard standing outside the safe. The guard makes it harder for the thief to steal your valuables, but the guard could still be tricked.
“Data breach prevention needs to include everyone at all levels — from end-users to IT personnel, and all people in between,” said researchers.
According to Maya Horowitz, VP Research at Check Point Software, cyberattacks are inevitable but can be largely prevented by proactive measures and the right security technologies.
na/rad
