The Data Blog
Throughout the last few years, cybersecurity and cybersecurity strategies have drastically altered to combat data breaches and hackers trying to access private information, but did you know that one way it evolved was simply due to the overwhelming amount of information posted online by regular internet users?
Enter misinformation and disinformation: two tactics that are now employed very easily thanks to the plethora of "fake news" and faulty tabloid headlines that are written as clickbait to attract the attention of social media users and website browsers. With an abundance of this information on the internet and no sign of incorrect information slowing down, we've entered a new age of fighting cyberattacks by overloading them with wrong information.
Misinformation and disinformation, while similar, do have one key difference; misinformation is the accidental or unknowing spread of incorrect information no matter how 'almost factual' or beyond the truth the content is. The important part here is that misinformation is spread without proper intent to do so; users who share content with incorrect data or information are finding themselves misinforming the general public, or those who read their social media posts at least, which leads to the misinformation cause.
Disinformation, however, is the spread of incorrect information and data with intent to do just that: lie or upload false statements for any means necessary. Whether it's for political intent, cybersecurity strategy, or because someone just wanted to lie over the internet, the act is classified as disinformation, something that has become very popular over the last few centuries through different means such as espionage and propaganda.
Disinformation campaigns have been around just as long as misinformation campaigns have, the only difference being intent, but both are methods that are being picked up as a cybersecurity strategy and defense mechanism to keep people from finding out the truth. Whether the campaign seeks to inflate profits, deflate statistics, or simply cover up a piece of information, it's easy to say that these strategies have become modernized in the world of technology.
Everyone always tells you to be careful what you post online and that once posted to the internet something will be there forever. Social media websites are the biggest examples of pages you should monitor your activity on and the information you give out on them. Whether it's someone being able to see private information you uploaded about yourself publicly, through your messages with friends, or clicking on a link from the website that turns out to be malware, it's safe to say there are numerous ways one can become less secure simply by just having an account on a social media website.
Twitter and Facebook accounts get hacked all the time, and even prominent figures' accounts (which could be argued are actually less safe than the average person's account) are vulnerable to cyberterrorists, hackers, and anyone trying to get a good laugh or access information they maybe shouldn't be able to see as easily. So is social media bad for cybersecurity? Not necessarily; social media websites take these hackings as a challenge and create algorithms and programs to detect any funny business so that hackers can't access information as easily as they used to. Hackers in turn develop better hacking software and it becomes an endless cycle where one party tries to outdo the other to ensure they get the final say in what happens to your data.
Avoiding social media altogether seems like a good strategy then, right? On one hand, if you don't have an account, you can't get hacked, so your data and personal software are safe. However, it just takes one devious person to notice you don't have any social media accounts before it comes crashing down on you. By catfishing and pretending to be you, hackers are able to get access to private information they may not otherwise be able to get. Furthermore, if you can't monitor social media, pictures or information about you that you wouldn't want up otherwise can go unseen by you and thus be uploaded, downloaded, and on the internet forever.
The best practice for social media is to monitor your accounts and limit both what you post and what information you provide. Limit who can see that information and what they can do with it, and to be really secure, make sure you use different passwords for each of your social media accounts, so if one is hacked, you have the others to fall back on.
Social media is still an evolving technology much like cybersecurity, and due to this it has led to many data leaks and hackings. However, because of it and the focus on keeping your information safe on social media, the world of cybersecurity has advanced greatly.
Cyber Security Consulting companies are always interested in new value-added advice they can provide to their clients. One potentially lucrative area is recommending a synthetic data solution that would eliminate the risk of a data breach through your development, laboratory, and testing ecosystems where most breaches occur.
This is potentially a very lucrative market opportunity for these consulting companies. Software development globally is estimated to be around $500B annually, of which about 30% or $150B is for test data provisioning. This is all being done today through a process that modifies production data with the potential to convert to services revenue through a new disruptive synthetic data process. ROIs are strong for the end customer, eliminating repetitive labor tasks, compressing development times and removing a security risk area, which drives high margins for these new professional services.
Learn more at www.exactdata.net
When one thinks of cyber security, cyber attacks and hackers, one doesn't typically associate the matter with terrorism. However, cyberterrorism and foreign intelligence cyber attacks are becoming more of an issue as the internet evolves into a more mainstream medium around the world. Just this past July, hackers from Russia were accused of electronically meddling in international affairs and general elections of the United Kingdom and of trying to steal information relating to a potential COVID-19 vaccine. Likewise, the United States has reportedly launched cyber operations against countries such as Iran, China, Russia, and North Korea via the CIA to 'cause disruption and leak information to the public.'
Cyber attacks can take many different forms: phishing emails, keystroke monitoring, malware downloads, and web activity monitoring, which makes tracing them hard to begin with. Additionally, attacks have historically been hard to trace due to the sophisticated nature the operations tend to take. Why, anyone can download a VPN to fool online tools, browsers and companies by placing their signal in another country; if just about any computer user can change their location on the internet, just imagine what the most advanced hackers are capable of.
Fortunately, there are several ways to combat cyberterrorism which range from flooding the internet with fake data to discredit the findings of any successful cyber operations to full fledged task forces and commands to fight it such as the United States Cyber Command or China's Blue Army. For more information about how the United States combats cyberterrorism, visit the United States Cyber Command website.
Every company or government agency has had some sort of data breach at some point in time. They might not even know that the breach has happened. An interesting new strategy gaining interest within the cyber security community is the use of offensive misinformation campaigns.
Misinformation campaigns involve generating synthetic databases that would be indistinguishable from the production databases and having them passed to adversaries either through a honeypot deception solution or directly placed on dark websites dealing with selling stolen data. The result is that the adversaries will uselessly expend resources trying to sort out what is real and not, place doubt on any real information they might already have, and run illicit fraud campaigns against people who do not exist.
For example, the Boeing aircraft manufacturing company would leak synthetic highly confidential wing design databases that would be indistinguishable from the real ones without extensive analysis or access to other information for verification. Other examples would be Equifax leaking bogus credit reports or VISA fake personnel financial information. The confusion and harmful effects on the adversarial community would be tremendous.
The Next Step in the Evolutionary Cyber Security Ladder; Complex Dynamic Payloads with High Fidelity Content and Relational Scenarios
Commercial network traffic generation technologies such as Ixia BreakingPoint or Spirent simulate real-world legitimate traffic, distributed denial of service (DDoS), exploits, malware, and fuzzing. These technologies help to test and validate an organization’s security infrastructure.
Today, advanced behavior-based threats are growing more sophisticated, harder to detect, and are accelerating rapidly. Current networks are becoming even more vulnerable to these rapidly growing threats that cost more than $4B annually in the US alone. Detecting and mitigating Advanced Persistent Threats and Insider Threats demand far more advanced testing techniques, analytics, and sophisticated data sets for consistent detection, demonstration, measurement, and mitigation.
Today, you can combine commercial network traffic and synthetic data generation technologies to provide rich content that mirrors real-world network traffic with configurable threat patterns contained within the traffic data. This end-to-end solution generates the behavioral network traffic test data as well as the system response files, enabling immediate scoring and correction of systems errors. This is a huge advancement in this critical and growing segment of sophisticated threat-based network testing.
60 percent of breaches are linked to a third party. Why are you giving them access to your data when you don't need to?
Third-party contractors are the biggest source of security incidents outside of a company’s employees:
Why are commercial companies and government agencies giving access to their private and confidential data to third parties when there exist viable technology alternatives to this practice and they don't need to?
A thought exercise on the System perspective of dev and test, as enabled by ExactData Synthetic Data.
Let’s consider the development of an application that scours incoming data for fraudulent activity… How would that test and analysis look with production data, de-identified production data, hand crafted data, and ExD synthetic data?
Let’s also consider that the application will classify all transactions/events as either bad or good. The perfect application would classify every transaction correctly resulting in 100% Precision (everything classified as bad was actually bad), 100% capture rate (classified every actual bad as bad), 0% escape rate (no bads classified as good), and 0% False Positive rate (no goods classified as bad). The application needs to be developed, tested, and analyzed from a System perspective. For example, the application could classify every transaction as bad and achieve 100% capture rate, and 0% escape rate, but would also result in poor Precision and a huge False Positive rate – thus requiring significant labor support to adjudicate the classifications. On the other extreme, the application could classify everything good, be mostly right, and not catch any bads. Both of these boundary conditions are absurd but illustrate the point of the importance of System.
One method of System analysis is the Confusion Matrix, noted below.
With production data, you don’t know where the bads are, so you can’t complete the confusion matrix.
With de-identified production data, you don’t know where the bads are, so you can’t complete the confusion matrix.
With hand-crafted data, you might have the “truth” to enable completion of the confusion matrix, but you would not have the complexity or volume to truly test finding the “needle” in the haystack of fraudulent behavior within the mass of good behavior.
With ExD synthetic data, you know where every bad is (you have the ground truth), so you CAN complete all 4 quadrants of the confusion matrix, and can then, and only then, conduct a system analysis, driving the application to the real goal of tuning and optimizing Precision (maximizing TP) and Capture rate (maximizing TP/(TP+FN)), while at the same time minimizing Escapes (FN) and False Positive rate (FP/(FP+TP)). Within a particular setup of an application version, these are typically threshold trade-offs, but with next iteration development, there is the opportunity to improve on all scores.
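The boundary conditions and the threshold trade-off described above, worked through as an added example (not ExactData's code). The transaction scores and labels are constructed, the threshold classifier is a hypothetical stand-in for the application under test, and the escape-rate formula is an assumption.

```python
from collections import Counter

# Constructed synthetic transactions: (risk_score, is_bad). The is_bad flag is the
# ground truth a synthetic generator records; scores and labels are made up here.
TRANSACTIONS = [
    (0.95, True), (0.80, True), (0.55, True), (0.30, True),
    (0.90, False), (0.60, False), (0.50, False), (0.40, False),
    (0.35, False), (0.25, False), (0.20, False), (0.15, False),
    (0.10, False), (0.10, False), (0.05, False), (0.05, False),
]

def confusion(transactions, classify):
    """Fill the four quadrants by comparing each verdict with the ground truth."""
    counts = Counter(TP=0, FP=0, FN=0, TN=0)
    for score, is_bad in transactions:
        flagged = classify(score)
        key = ("TP" if is_bad else "FP") if flagged else ("FN" if is_bad else "TN")
        counts[key] += 1
    return dict(counts)

def ratio(num, den):
    """Return num/den, or None when the rate is undefined (empty denominator)."""
    return num / den if den else None

def system_metrics(c):
    """The four scores named in the text; formulas follow the article's definitions."""
    return {
        "precision": ratio(c["TP"], c["TP"] + c["FP"]),
        "capture_rate": ratio(c["TP"], c["TP"] + c["FN"]),
        # Assumption: escape rate taken as the share of actual bads that were missed.
        "escape_rate": ratio(c["FN"], c["TP"] + c["FN"]),
        # The article defines this as FP/(FP+TP), the share of alerts that are wrong.
        "false_positive_rate": ratio(c["FP"], c["FP"] + c["TP"]),
    }

def evaluate(classify):
    """Score one classifier against the labelled synthetic set."""
    c = confusion(TRANSACTIONS, classify)
    return c, system_metrics(c)

SCENARIOS = {
    "flag everything": lambda score: True,   # boundary: 100% capture, poor precision
    "flag nothing": lambda score: False,     # boundary: mostly right, catches no bads
    "threshold 0.5": lambda score: score >= 0.5,
    "threshold 0.7": lambda score: score >= 0.7,
}

if __name__ == "__main__":
    for name, classify in SCENARIOS.items():
        counts, metrics = evaluate(classify)
        print(f"{name:16} {counts} {metrics}")
```

Raising the threshold from 0.5 to 0.7 improves precision while lowering the capture rate, which is the threshold trade-off within one application version that the text refers to.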
One of the major debates about the cyber world pertains to privacy and how much of it one really has. With companies such as Facebook, Google, and Apple using customer data more and more, we know that our once private lives may not be as secret as we think. In their book 'Who Knows; Safeguarding Your Privacy in a Networked World', authors Ann Cavoukian and Don Tapscott discuss how secure certain documents that are supposed to remain private such as medical records and employment history really are.
The truth is that with advancements in technology and cyber security, privacy and one's data are more readily available to companies, hackers, and even other ordinary individuals. Some companies make the point that they only use consumer data for our benefit, showing products one may need before they know they need them or memorizing GPS routes if one travels that way constantly. While it's true that our daily lives are significantly improved because our data is being used in this manner, there is one question we have to ask ourselves: is having less privacy a fair trade-off for potential everyday life benefits?
One thing is for certain; we should all take measures to make sure our data is as safe as it can be. Limiting who has access to your social media profiles and information, using secure passwords, and not clicking sketchy links are very easy tips and tricks to always keep in mind to make sure your data is really yours.
What Test Data is Being Used Today and by Whom?
An organization’s development ecosystem, including technical partners, software development and contractors, has a growing need to access private and confidential data to do its job. Relevant data sources are a necessary component of the software development, technical integration, testing, implementation and ongoing operations and maintenance processes, and production data sources are commonly accessed and modified for this purpose. Complex, integrated technology solutions can no longer be managed within an organization’s internal operations but require a large and varied global ecosystem of partners, consultants, technology companies and contractors. There is a similar need for test data within the organization's cyber security operations. It is also common practice for this ecosystem to utilize historical data, captured network traffic and simple network traffic generation technology for testing purposes.