IDM ICO details
Start Date: 2018-6-4
End date: 2018-10-4
- Site: IDM site
- Twitter: https://twitter.com/IDMdatasecurity
- Facebook: https://www.facebook.com/IDMdatasec
- Github: https://github.com/IdealDataMemory/IDM-Smart-Contract
- Reddit: https://www.reddit.com/user/IDMdatasecurity
- Bitcointalk: https://bitcointalk.org/index.php?topic=3395543
- Medium: https://medium.com/@IDMdatasecurity
- Telegram: https://t.me/idmprotect_en
About IDM – Complete Protection from Quantum Supremacy
Current trends and issuesassociated with cloud data storage
The 21st century is the age of information. More and more data are generated on daily basis creating an ever-increasing demand for storage space. Not every home computer, let alone a mobile device, can store all of its own generated data. The capacity of the built-in memory is growing along with requirements for data safety. The increased volume of generated data proportionally increases the number of potential threats to the storage of this data.
With the growth in the number of devices, cloud storage services are becoming increasingly important. Many cloud storage providers promise fast, reliable and convenient services. However, the reality is a bit more complicated.
What kind of threats to the information are the most relevant today?
- The year 2013 was marked by a scandal involving the outdated SSL service certificate by Microsoft Azure, which provided criminals with an opportunity to hack the Xbox Live system;
- The so-called Celebgate incident, which happened in 2015, when hackers stole intimate photos of celebrities from the iCloud (Apple) cloud storage;
- The number of hacks inflicted on cloud services is growing every year at the rate around 50%;
- Approximately 70% of companies have at least one application running in a cloud;
- Lloyd’s of London and Cyence believe that a massive attack on cloud storage can cause losses in excess of $ 5 billion, and only 15-17% of the total amount will be covered by insurance;
- In 2017, the data storage of Equifax, the US leading consumer credit report agency, had been hacked resulting a personal data loss of 143 million customers. Consequently, the value of company’s stocks has plummeted by 13%;
- The absence of two-factor authentication resulted in a personal data theft of 80 million customers of Anthem, an American health insurance company.
Data loss in cloud storage
Despite the fact that this type of storage is called “cloud”, the data is stored in physical terrestrial and underground locations, called data centres.
The actual storage devices are hard disks prone to various effects similar to those inherent in modern HDDs, such as an appearance of bad sectors, errors caused by voltage drops or physical damage to the disk surface, both due to improper operation or a design defect.
As a rule, all information is duplicated in backup copies according to a specific schedule. However, this method does not fully guarantee the safety of your data. Also we must consider the human factor.
Theft of data from cloud storage
Data is not always lost as a result of technical failures. Often there is a banal theft. The criminals may steal information just for fun or with the purpose of honing their hacking skills. Information can be stolen with a very specific purpose: to make money through blackmailing or selling valuable data to interested parties.
Not long ago, the media was buzzing with the news regarding the theft of intimate photos of celebrities from the cloud storage belonging to one of the main players on the mobile market.
After the scandal, the company responsible for security of the storage, as a third-party contractor, left the market, but the pictures, however, went all over the world.
The storage where your data is located may be subjected to a targeted cyberattack. In that case, you could be just a casual victim, especially if the hackers aimed at the entire service with the purpose of stealing or damaging the personal data of a particular user, whether it be an individual or a company.
No matter how safe cloud storage is a simple DDoS attack can cause huge losses to the service by slowing down or blocking its operations, with users not being able to retrieve their data or use the service.
Despite the abundance of cyberthreats, the so-called human factor remains the most dangerous element in the process of securing data. An attacker can be located within the data centre, for example, as a system administrator. This situation is quite common. Some employees are willing to commit crimes to enrich themselves. The stolen personal data or the access to that information can be sold to various criminal organizations that may inflict an enormous damage, both moral and material.
Countermeasures to emerging threats
- The encryption of data by the user could be a viable method of countering cyberattacks and potential data theft;
- Another way is to select an additional option offered by cloud service, which provides uploaded data to be encrypted by the service;
- The two-factor authentication (2FA) allows to increase the level of data access protection with minimum costs;
- Anti-virus software that is a more conservative method of data protection.
How toSecure the Information in the “Transparent”Cloud.
Almost all existing on the market cloud storage services guarantee the integrity and maximum protection of user information from external influence of third parties.
Nevertheless, all services, one way or another, are obliged to comply with legal requirements of the country in which they provide services. Even the use of the AES256 encryption protocol, adopted as a data protection standard by US governmental organizations, does not guarantee the protection of your information. According to the current legal practice, a service is required, as per legislation of most countries, to provide government authorities with access to user data upon request.
The world-famous company UBER was subjected to a massive cyber attack, as a result, the data of 57 million drivers and customers had been stolen. The most disturbing thing was covering by the company the very fact of hacking and theft, and the payment to the perpetrators a ransom of $ 100 thousand dollars. The attack was interesting in itself because hackers got access to the company’s data through the GitHub service, where they hacked several accounts, downloaded data from Uber employees and with this data accessed a huge array of Uber data in the Amazon Web Services used by Uber for calculations.
Several years earlier, Yahoo and Equifax were hacked, along with many other companies and private accounts.
Not so long ago, one of the experts in the field of data security discovered a critical vulnerability in a seemingly secure WPA2 protocol, which is widely used in Wi-Fi networks around the world. By using the system called Key Reinstallation Attacks (Kracks) it is possible to gain access to the encrypted information on any device connected to Wi-Fi. It allows the intruder to steal virtually any information from the device, such as correspondence, photos, videos, browsing history and other critical data.
How did this become possible? The WPA2 protocol uses four-step data encryption. However, during a hacker attack, the Wi-Fi password can be stolen immediately after it has been entered. In order to avoid this, network access passwords have to be changed after each network session.
Here is another example. Dropbox, one of the leaders in the field of cloud data storage with 500 million registered users as of 2016, announced that they are not encrypting the uploaded data on the customer’s side. Many experts believe that the realization of this policy led to the situation in 2011, when over the course of four hours, after a routine software update, any user could log into any account by entering any password.
Advancements in technology and methodsof data protection in cloud storages
According to experts from Gartner, the world’s leading research and advisory company, more than 80% of data loss in cloud storages are caused by a customer, rather than by the cloud storage service. As a rule, the losses are due to inefficient organization of work with data by the customer. According to statistics provided by Gartner:
- 64% of customers of all data services believe cloud storages to be safer than the conventional methods of storing and securing information on the customer’s side;
- Nevertheless, 75% of customers encrypt the data before uploading it into the cloud;
- 52% strictly regulate and conduct a rigorous control over granting access to company’s data;
- Almost 50% of companies regularly analyze and verify their data management systems; o By mid-2018, 80% of all IT budgets will be allocated to cloud solutions;
- 49% of companies delay the deployment of cloud storage due to a lack of cybersecurity skills;
- Today, only 23% of companies have full confidence in cloud storage services in terms of data protection.
According to experts in data protection, the main factors critically affecting the safe storage of information are:
- Data encryption both by the customer and by the cloud storage;
- Clear and strict rules for access to the customer’s data;
- Means and methods of restoring data damaged as a result of actions by third parties or by a malfunction of the equipment;