SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Exclusive: Why social media platforms are so vulnerable to cyber threats
Wed, 10th Oct 2018
FYI, this story is more than a year old

Gemalto released the latest findings of the Breach Level Index, a global database of public data breaches, revealing 945 data breaches led to 4.5 billion data records being compromised worldwide in the first half of 2018.

Compared to the same period in 2017, the number of lost, stolen or compromised records increased by a staggering 133%, though the total number of breaches slightly decreased over the same period, signalling an increase in the severity of each incident.

A total of six social media breaches, including the Cambridge Analytica-Facebook incident, accounted for over 56% of total records compromised. Of the 945 data breaches, 189 (20% of all breaches) had an unknown or unaccounted number of compromised data records.

The Breach Level Index is a global database that tracks data breaches and measures their severity based on multiple dimensions, including the number of records compromised, the type of data, the source of the breach, how the data was used, and whether or not the data was encrypted.

By assigning a severity score to each breach, the Breach Level Index provides a comparative list of breaches, distinguishing data breaches that are not serious versus those that are truly impactful.

According to the Breach Level Index, almost 15 billion data records have been exposed since 2013, when the index began benchmarking publicly disclosed data breaches. IT Brief had the opportunity to discuss this with Graeme Pyper, Regional Director Australia - New Zealand, Gemalto.

What are the major risks of Social media breaches, especially in light of the recent Facebook breach?

When we look at social media, we tend to immediately think of Facebook or Instagram, but there are literally hundreds of social media channels out there. In fact, there are even companies that will manage your social media accounts for you, sharing things on your behalf that they feel match your profile. The most important thing to remember is that whatever you post online may be permanently recorded and could be used in your favour or against you at any point in time.

If you decide to leave a social media platform, there is no guarantee that your information is permanently deleted. More so, the pages that you have engaged with or responded to via an ad will have copies of your information. It is vital that every user is educated and informed of their privacy rights.

The very nature of social media is that we share information that is personal to us. A breach could result in embarrassing and potentially harmful consequences. The use of two-factor authentication on your social accounts should be the default for everyone.

In doing this, if someone tries to access your account or reset your password, your trusted device will respond with an SMS message containing the passcode. If you receive a passcode and you have not been trying to reset your account, this is the first indication that your account could be under attack and that you need to take action.

The OAIC has recently shared guidelines around social media and following the recent Facebook breach, have launched an investigation into the sharing of information to Cambridge Analytica.

What do you think is behind the increased level of attacks?

Twelve months before the NDB came into effect here in Australia, I spoke publicly about the fact that without breach notification laws in place we were not being made aware of the true number of breaches happening here. Now that NDB and other regulations are in place we are actually starting to see the scale of the threats and more importantly the threat vectors that are most common.

ID theft remains the main reason behind the vast majority of breaches, however, companies are starting to address this by replacing default passwords and using strong authentication methods. Only last week I read about California enforcing manufacturers to remove default user accounts in their products.

This is a different tactic and passes the responsibility back to the vendor supplying the solution. That said if the replacement accounts are considered weak when changed by the end user that would not stop a malicious person potentially gaining access.

When it comes to Cybersecurity, how do you think Australia fares? Both in terms of educating its populace on threats, and Laws/regulations that help protect data?

I like the way cybersecurity is gaining share of voice in the market, especially for end users. The National Cyber Security Strategy announced by the then Rt Hon Malcolm Turnbull is a great step in creating a framework, however, the skills needed here locally are scarce.

Vendors can plug the gap to some extent, but nothing can be compared to skilled and experienced individuals. What we are seeing now is not different from the rest of the world, it's just that companies are having to report on the fact they have been breached.

Companies need to allocate more of their overall IT budget to security and cybersecurity. In a recent independent market pulse survey conducted by an industry colleague, it was found that Australian companies spend on average 6.75% of overall IT budget on security.

To me, this is too small, and it demonstrates how companies value the information that they hold.  Equifax has spent $242m on post-breach costs which highlight the need to be proactive both in terms of being better prepared but also in understanding how to allocate funding.