Iniel Dreyer, DMP SA Group MD.
T“Silent theft” of data is an increasingly prevalent cyber threat to businesses, resulting in the continued leakage of personal information into the public domain through undetected attacks that cannot be policed even by data privacy laws. As the term suggests, exfiltration of data from a corporate network is often done without even the target being aware of the attack. In such cases, cybercriminals only aim to steal your personal information without being detected. This data is then sold for a substantial profit.
South Africa’s Protection of Personal Information Act (PoPIA) aims to protect personal data from theft, misuse and malicious activity, but the law does not apply to attacks that go undetected and unreported.
Unlike ransomware attacks, silent theft of data does not involve financial extortion or encryption of information. Instead, hackers steal valuable data from organizations and sell it on the dark web. This illegal activity is largely responsible for the proliferation of spam calls and marketing that floods ordinary people’s lives, not to mention the rise in bank fraud.
lack of alignment
The gap between PoPIA’s objectives and an enterprise’s approach to data protection is due to a misalignment between business and IT department goals. A company that has specific legal requirements that must be met in terms of data privacy needs to be able to rely on his IT department as an enabler to ensure compliance.
Unfortunately, these two departments are often at odds, resulting in technology tools and solutions that ultimately don’t meet business needs. But with money spent, companies tend to try to reverse engineer the solution to make it work, and things often go awry.
Silent theft continues undetected because most organizations only realize they have been compromised when a ransom is demanded. That’s because most organizations don’t have the right security tools in place to detect this type of attack.
To defeat attackers who aim to linger on corporate networks as long as possible before being caught, organizations must turn to deception technologies to proactively respond to intrusions before any real damage is done. . In the case of data theft, it is important to take precautions because once your information is stolen, there is nothing you can do.
fool the hacker
Deception techniques deploy “honeypots” – fake assets and systems – on an organization’s network that hackers perceive as genuine systems. These decoys can imitate any IT device or application and usually have vulnerabilities that make them attractive to exploit.
When a honeypot is attacked, it sends an alert to the network management team that an intrusion has been detected. Deception techniques can also detect the source of the attack, where access to the network was gained, and the type of device used to perform the hack. This allows IT teams to take the necessary steps to prevent attackers from causing real harm.
It is important for businesses to have a security framework and posture in place, and they need to understand what products they have and whether those products meet their specific requirements for cyber resiliency. there is. Cyber resiliency allows businesses to defend against cyber attacks. Part of this includes proactive data management to prevent unauthorized access to sensitive data.
Backup and recovery strategies alone are not enough to stop silent data theft. A more proactive attitude should be adopted through the introduction of deception techniques. However, organizations must ensure that they utilize competent service providers to implement and support cyber resilience within their environments.