Read time: 3 minutes

Cloud growth a factor in data breaches

By , Portals editor
Africa , 06 Dec 2018

Cloud growth a factor in data breaches

Several recent international incidents involving hacking and illegal access to data have prompted fresh warnings by IT security experts and companies.

News of the hacking of Marriott Hotel's guest reservation system and that of question-and-answer website Quora has elevated the issue of network system integrity and data security.

ITWeb reported that the hotel chain had admitted its guest reservation system was hacked "potentially exposing the personal information of around 500 million guests."

The company released a statement on 30 November which claimed as far back as 2014, hackers gained access to its Starwood reservation database and the company had only discovered the breach recently.

Commenting on the incident, John Shier, senior security advisor, Sophos, said, "The potential fallout from the Marriott's Starwood data breach should be alarming to anyone who has stayed at a Starwood property in the last 4 years. Not only are guests at risk for opportunistic phishing attacks, but targeted phishing emails are almost certain, as well as phone scams and potential financial fraud. Unlike previous breaches, this attack also included passport numbers for some individuals who are now at increased risk for identity theft. At this point, however, it's unclear what level of exposure each individual victim has been subject to. Until then, all potential victims should assume the worst and take all necessary precautions to protect themselves from all manner of scams."

Quora was reported to have discovered that one of its systems was hacked by a malicious third party, with the personal information of up to 100 million users accessed.

Andrew Voges, Threat Prevention Sales Leader Middle East & Africa at Check Point, said, "Hackers are deliberately targeting companies and websites which hold massive amounts of customer data – as we've seen with the recent major attacks against airlines and hotel chains. While it is not known how Quora's systems were breached, the hackers could have exploited any one of several vectors to get access. Organisations need to protect themselves against sophisticated fifth-generation threats which spread across networks, endpoints, mobiles and cloud services, and prevent them from being able to impact on their business.

"Luckily, there was no financial information associated with the exposed user data, and the stolen passwords were scrambled, but users should consider changing their passwords on other accounts if they have used the same password as for their Quora account. They should also be suspicious of emails claiming to be related to the Quora breach, as these could be phishing attempts to try and extract more sensitive information."

GreyEnergy

In October 2018 endpoint security firm ESET announced it had uncovered details of a successor to the BlackEnergy APT group, which it named GreyEnergy – a threat actor which focuses on espionage and reconnaissance "quite possibly in preparation for future cybersabotage attacks."

According to ESET's thorough analysis, GreyEnergy malware is closely related to both BlackEnergy and TeleBots malware. It is modular in construction, so its functionality is dependent on the particular combination of modules its operator uploads to the victim's systems.

Oded Vanunu, Head of Products Vulnerability Research at Check Point doesn't believe these incidents represent a sudden rise in attacks, but says they are rather the result of increased usage of cloud platforms.

He said that there are now more reports of breaches because companies have to publically disclaim these incidents (cloud vs on-premise) and vendors can no longer hide them.

"It is 'easier' to attack the cloud due to application logic bugs and multi-tenant architecture is not implemented in the cloud by vendors," Vanunu said, adding that the impact of cyber crime is increasing daily.

But who is ultimately responsible to ensure that data is protected?

Jean-Francois Le Bihan, Policy Director for Sub-Saharan Africa, GSMA said, "Consumers need greater transparency around the handling of their personal data, and many DPAs see this as an important role to play once established. Providing quick and easy access to consumers on how their information is being used and the rights they have over its treatment is becoming key for all organisations, and the private sector is playing a lead role where there isn't an existing legal framework. The mobile industry sees a lot of its members proactively contribute to the policy discussion to make sure this opportunity for the data economy is actively addressed."

Addressing data privacy regulation can be a challenging journey, but also opens up new possibilities for innovation if done right, said Le Bihan.

"Experience sharing across countries to ensure converging approaches and to avoid a patchwork of regulations is key among others to make sure that cross border data flows can happen from one jurisdiction to another while guaranteeing a similar level of protection."

Daily newsletter