Listening in on your data packet transfer causing an immediate breach and enforcement from the regulator

With just under 24 hours remaining until the enforcement date of the Protection of Personal Information Act (POPIA), you need to be cognisant of how unknown breaches may occur when you are not in sync with your web development company or the person who assists you in updating and maintaining everything about your digital domain.

The responsible party, being the CEO of the business, is accountable for this risk, as cyber risk is to be treated just like any other business risk. As an information officer, you will be accountable for the breach.

This is a sample case that I performed using test data to illustrate how a hacker listens in on your data packet transfer, which leads to a breach of personal information:


I entered test information on the online "contact us" form of the particular website, on which the hacker can listen in on your data packet transfer:


Lesson Learned:

The information entered on the contact form was captured when the form was submitted, because the website does not have any form of encryption. If your emails are also hosted on the same host without encryption, you are in for some serious consequences.
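A defender-side check for the exposure described above, as an added example that is not part of the original article: it parses a page's HTML and reports every form whose submitted data would travel over plain HTTP, including forms on an HTTPS page that post to an HTTP address. The hosts, paths, field names and HTML are constructed sample data.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Constructed sample page: names, hosts and paths are illustrative only.
SAMPLE_HTML = """
<form action="/send.php" method="post">
  <input type="text" name="full_name">
  <input type="email" name="email">
  <textarea name="message"></textarea>
</form>
<form action="https://secure.example.test/subscribe" method="post">
  <input type="email" name="newsletter_email">
</form>
<form action="http://legacy.example.test/callback" method="post">
  <input type="tel" name="phone">
</form>
"""

class FormAuditor(HTMLParser):
    """Collects every <form> with its resolved submit URL and field names."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url, self.forms, self._current = page_url, [], None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            # A missing or relative action inherits the scheme of the page.
            target = urljoin(self.page_url, a.get("action") or "")
            self._current = {"target": target, "fields": []}
            self.forms.append(self._current)
        elif tag in ("input", "textarea") and self._current is not None:
            self._current["fields"].append(a.get("name") or tag)

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None

def plaintext_forms(page_url, html):
    """Return the forms whose submitted data would cross the network unencrypted."""
    auditor = FormAuditor(page_url)
    auditor.feed(html)
    return [f for f in auditor.forms if urlparse(f["target"]).scheme == "http"]

if __name__ == "__main__":
    for url in ("http://example.test/contact", "https://example.test/contact"):
        for form in plaintext_forms(url, SAMPLE_HTML):
            print(f"{url}: {form['target']} sends {form['fields']} in cleartext")
```

Serving the page over HTTPS clears the relative-action contact form, but the form with the absolute `http://` action is still reported and needs its action changed as well.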

Now, looking at what just happened, let's look at the CIA triad:

The three letters in "CIA triad" stand for confidentiality, integrity, and availability. The CIA triad is a common, respected model that forms the basis for the development of security systems and policies. These are used for the identification of vulnerabilities and methods for addressing problems and creating effective solutions. The confidentiality, integrity, and availability of information are crucial to the operation of a business, and the CIA triad segments these three ideas into separate focal points. This differentiation is helpful because it helps guide security teams as they pinpoint the different ways in which they can address each concern. 

Confidentiality involves the efforts of an organization to make sure data is kept secret or private. To accomplish this, access to information must be controlled to prevent the unauthorized sharing of data—whether intentional or accidental. A key component of maintaining confidentiality is making sure that people without proper authorization are prevented from accessing assets important to your business. Conversely, an effective system also ensures that those who need to have access have the necessary privileges.

Integrity involves making sure your data is trustworthy and free from tampering. The integrity of your data is maintained only if the data is authentic, accurate, and reliable. 

Availability: even when data is kept confidential and its integrity is maintained, it is often useless unless it is available to those in the organization and the customers they serve. This means that systems, networks, and applications must be functioning as they should and when they should. Also, individuals with access to specific information must be able to consume it when they need to, and getting to the data should not take an inordinate amount of time.

Let us look at the value that SSL brings:

Secure Sockets Layer (SSL) is very important as it protects server-to-client communication. On installing SSL, every bit of information is encrypted. In layman’s terms, the data is locked and can only be unlocked by the intended recipient (browser or server), as no one else can have the key to open it. When dealing with sensitive data such as IDs, passwords, credit card numbers, etc., SSL helps you protect against the mischievous army of hackers and skimmers.

The second primary task of an SSL certificate is to provide authentication to a website. Identity verification is one of the most important aspects as far as web security is concerned. There is no doubt about the fact that the internet is increasingly deceptive.

There's a strong correlation between HTTPS and higher search engine rankings.

Apart from encryption and authentication, SSL certificates are vital from a customer trust point of view. The easy-to-identify signs inform users that the data they send will be secured. And if you’ve installed an OV or EV SSL, they can see your organization’s details.

The question is not "if" but "when" it will happen to your business, irrespective of the overzealous measures you put in place, such as using two anti-virus programs. That, by the way, is a bad idea: when a threat comes in, the two will battle for supremacy over your endpoint's resources, and this could just be the entry point for an attack, because while the two anti-virus programs are battling one another for resources they allow through a threat that would lead to enforcement.

Even your security solution is prone to having vulnerabilities. These are referred to by CVE identifiers: the Common Vulnerabilities and Exposures (CVE) system provides a reference method for publicly known information-security vulnerabilities and exposures.

Looking at an example, CVE-2021-3485:

An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint Security Tools for Linux allows a man-in-the-middle attacker to abuse the DownloadFile function of the Product Update to achieve remote code execution. This issue affects Bitdefender Endpoint Security Tools for Linux versions prior to 6.2.21.155.

Source: CVE - CVE-2021-3485 (mitre.org)

You can read the full details on NIST National Vulnerability Database (NVD):

NVD - CVE-2021-3485 (nist.gov)

Disclaimer: This initiative is purely for educational purposes and does not constitute express advice in the cyber solution landscape and I personally disclaim myself from liability based on any reliance on the information in this article and its contents, irrespective of the merit it carries.

Avishkar Singh (2021) | Director | Effectualness (Pty) Ltd
