Want to destroy someone? Reveal their secrets, let’s look at data leakage and how it affects people’s lives both organizationally and personally.
Information has always been a resource of great value for people in many ways, and throughout the years, it has become easier to get. Technology and Internet have contributed to make information much more accessible to everyone; making people able to enter to a sea of knowledge by a simple click or a touch on a screen. Information being important as it is, have created consciousness of who we give it to as a form of self-protection, but that hasn’t stop attackers of taking advantage of the users vulnerability, being sensitive information one of the main points of attack that they exploit; being the reason why we must learn how data leakage occurs, and how we can prevent it.
How data leakages occur and why they are a problem.
Both a simple Internet user and a large enterprise have one thing in common: they both have sensitive information. Moreover, in an age where the internet interconnects everything and devices are always in sync with each other, there are many ways in which anyone can fall victim to having their information exposed.
Information leakages happen as the result of the vulnerability of its users. The main thing about it is that the exposure is accidental or unintentional; which allows attackers to benefit from it. Sensitive data breaches involve several risks faced by users or companies when exposing their data.
Here are some ways an data leakage can happen on the net:
- IT system configuration error: These are general errors that can appear in the IT system that allow hackers to obtain confidential information.
- Technical error messages: Typically, are data base error messages with technical details that don’t mean something for the user.
- Banners: Presented as text, they appear when a user tries to log in the system with one of its many services, exposing versions of the operative system or other app containers.
- Account Enumeration: Happens when the existing account names are revealed by the use of some mechanism.
- Cookies: Often by the exposition to session tokens that are contained in cookies.
- Supporting Files: The use of auxiliary files such as Java, which can contain sensitive information.
- Diagnostic messages: These consists in debug data responses that filtrate information.
- Caching: Sometimes there’s a fail to protect information and gets cached by web browsers; allowing to attackers to take the information with local machine access.
Despite all the mentioned above; sometimes, the main victims exposed to cyber-attacks or hacking of any kind, are the users and companies through the network; being victims of social engineering, extortion and scams; which differs from the inability to protect confidential information that can be in transit or in rest. This concern involves the exposure of any confidential information stored and processed by the application.
Here are some examples of how “application-sensitive” information may be unintentionally exposed:
- Email addresses: Social engineering attacks can happen from the exposure of internal email addresses.
- Database structure: SQL injection strings can be created by knowing how the schema used by the application works.
- Session and authentication tokens: Session hijacking attacks can be organized by the exposure to these values.
- File system structure: Through exposed path references, Path Traversal and other attacks can be facilitated by exposing the internal structure of the system.
- Account identifiers: Brute force attacks on access control can happen if there are means of discerning with the provided existing accounts.
- Application Configuration: Attackers can implement attack strategies when the configuration information is exposed.
Having any kind of sensitive information exposed can represent a big consequence to the subject. Here are some examples of that:
- Image damage: It generates a negative impact on the entity and carries with it the loss of confidence.
- Legal consequences: They could lead to economic or administrative sanctions.
- Economic consequences: Closely related to the previous ones, they are within those that suppose a negative impact at economic level, with a diminution of the investment, business, etc.
- Other consequences: They are those that affect or imply a negative impact in very diverse areas, such as political, diplomatic, institutional or governmental, among others.
How do we prevent from data leakage?
Is important to recognize critical data within the company; as users should too. It’s important to know which peace of information has more value in order to keep it safe; so it becomes a priority.
Companies should also monitor their traffic in all its networks, being able to discover and track any anomalous behavior before something occurs. There are monitoring tools that allow the user to supervise access and activity; notifying things like employees downloading or deleting information.
Another way to keep confidential or private information safe can be the use of encryption. Although encrypting files does not make them impenetrable, it is one of the best ways to keep any data safe, to the point that if organizations carefully apply key management processes, it can render stolen information useless to criminals.
Something to also keep in mind are the channels where the information is sent to others; sending highly sensitive information via email rises the chance of a data leak. Threats can be prevented by allowing a deep inspection technology scan that can be made by using content filters. Alongside email, general use of internet also generates a potential risk to your data, so implementing the use of firewalls on individual computers and whole networks is a way to deal with security threats, being also able to take action against potential data leaks, malicious behavior or unauthorized access by notifying the administrator so it can block the action.
Advice for companies
When it comes to businesses, is important to instruct employees about the dangers of data leakage, being even convenient to include its risks as part of the onboarding process. Typically, corporations assume that employees know the kind of information that is confidential and what can’t be shared, which can guide to accidental leakages without the employees realizing that they’re putting the company at risk