Data Security and Threat
Data security is the process of protecting data and data loss from some unauthorized access, which includes preventing your data from different attacks that can encrypt or erase the whole data, such as ransomware, as well as the attacks that can corrupt the whole data.
Why is Data Security Important?
The data shows that the damage caused by a data breach in US was 8 million dollar, in which around 26K user accounts were impacted with all the attacks.
Data Security Threats
Below are several common issues faced by organizations of all sizes as they try and secure sensitive data.
Accidental Exposure
A large percentage of data breaches are not the result of a malicious attack but are caused by negligent or accidental exposure of sensitive data. it’s common for an organization’s employees to share, grant access to, lose, or mishandle valuable data, either accidentally or because they are not aware of security policies.
This major problem are often addressed by employee training, but also by other measures, like data loss prevention (DLP) technology and improved access controls.
Phishing and Other Social Engineering Attacks
Social engineering attacks are a primary vector employed by attackers to access sensitive data.
Phishing may be a common form of social engineering. It involves messages that appear to be from a trusted source, but after all are sent by an attacker. When victims comply, for instance by providing private information or clicking a malicious link, attackers can compromise their device or gain access to a company network.
Insider Threats
Insider threats are employees who inadvertently or intentionally threaten the safety of an organization’s data. There are three sorts of insider threats:
· Non-malicious insider
· Malicious insider
· Compromised insider
Ransomware
Ransomware may be a major threat to data in companies of all sizes. Ransomware is malware that infects corporate devices and encrypts data, making it useless without the decryption key. Attackers display a ransom message posing for payment to release the key, but in many cases, even paying the ransom is ineffective and therefore the data is lost.
Many types of ransomware can spread rapidly, and infect large parts of a company network. If a corporation does not maintain regular backups, or if the ransomware manages to infect the backup servers, there could also be no way to recover.
Data Loss within the Cloud
Many organizations are moving data to the cloud to facilitate easier sharing and collaboration. However, when data moves to the cloud, it’s more difficult to control and prevent data loss. Users access data from personal devices and over unsecured networks. it’s all too easy to share a file with unauthorized parties, either accidentally or maliciously.
SQL Injection
SQL injection (SQLi) may be a common technique used by attackers to gain illicit access to databases, steal data, and perform unwanted operations. It works by adding malicious code to a seemingly innocent database query.
SQL injection manipulates SQL code by adding special characters to a user input that change the context of the query. The database expects to process a user input, but instead starts processing malicious code that advances the attacker’s goals.
What is threat modeling?
Threat modeling is a process for optimizing applications, buisness or system process by identifying vulnerabilities and then defining countermeasures to prevent the effect of threat to the system.
Why is threat modeling important?
An application or system must be designed to withstand any malware attacks.
Threat modeling is a process of uncovering threat not usualy considered or found through codes and other types of audit. It tells the project team to determine which security controls a system needs to set a effective countermeasures against threats, and how to resolve problems early on.
Threat modeling tools
Threat model is not simple as there is an endless number of possible threats.
Threat modelling tools reduce the complexity of the process, making it organised and repeatable.
Some commonly used threat modeling tools include:
· CAIRIS.
· IriusRisk.
· Microsoft Threat Modeling Tool.
· OWASP Threat Dragon.
· SD Elements.
· Threagile.
· ThreatModeler.