AbstractThis paper proposes thethreat that lies over the huge piles of data registered, stored by numerousEnterprise. Each Enterprise big or small, generates a huge stack of data whichcan be in regards to data subject to customer’s personal information or it canbe some crucial information regarding the profits and losses of an Enterpriseor in fact regarding some information on company’s private and top secretpolicies etc. This data is very crucial to any Enterprise and can decide thefuture of a company to rise or demolish at one’s. Hence, this data needs to bepreserved and needs to be protected from getting captured by anyone who couldmisuse it.These days cloud storageis widely popular as it reduces the junk in system and makes the data availableto various system without occupying space in any. But, this data stored incloud face numerous cyberattack in order to capture them and drain the crucialinformation out of it. Hence our paper focuses on this side of the data, it’ssecurity, the threats it face and the measures to keep it safe. Introduction75% of incidents recorded in the financial services sector came from webapplication attacks, distributed denial of service (DDoS) and card skimming;while cyber espionage and DDoS were particularly common in the manufacturingsector Big Data and its sensitivity to attacks:An enterprise, including your telephone service provider to Google afamous search engine keeps track of your searching habits to App merchants thatcan access some sensitive and personal data of yours via their application/useragreement license.
The more they get in close to end-user’s personal data themore they hold the personal information of their customer’s/users. Thispersonal information can tell a person a lot about the user and can be a rootcause to compromise with security and privacy of that user, and some hackerslook for this information in order to plant a malware for that user. So, thisis possible only if they can sneak in a user’s internet usage habits which ispossible if they can hack this data and get the info about numerous users.Hence, big data looks like a big stack of honey to this greedy bee sort hackersand hence is more often to experience a cyberattack. Now, in order to preventthe interest of their fellow users it is the responsibility of these dataholders to keep this personal information secure and as confidential as possible.
Reasons for these attacks to happen :· User – This can refer to end user authentication and security, it can trace thedata such as users working choice ,user’s taste preferences, his/her locationinformation as well as the types of browsing trend they have inhabited. Theymost widely keep a track as to what site’s are mostly visited by the user andif any of the can be made prone to a cyber attack or of any of them that makesit easier for them to attack.· Content – The content present in the data also decides it’s vulnerability toattack. The type of file/document, password. Patterns suck as (11 characterstogether can be an account no, 4 digit together can be an ATM pin). Theattacker could run an algorithm that checks the device repeatedly, basically tocheck the information, data patterns they are looking for. These algorithm cancrash the security measures easily as to what they are doing is simply checkingthe file type which is not a possible ransomware.
· Customers – This would be more crucial fro he customers of a debitcard or a credit card company as well as any company that could involve processof premium payments. The attackers would not just attack the database of anice-cream parlour to get the database of ice-cream prices. They would continue tolook for some database that helps them to gain privacy of people for which theycan demand something in return. Hence, databases of banks and above mentioned companiesget more prone to attacks and therefore would need special attention for informationsecurity.· Networks – They type of network including minute details of it together can playa crucial role in determining the attack.
The Source and Destination as well asthe Time Zone (Date as well as Time), the bandwidth of the network and theactivity. This can be briefly summed up as, that a database of a bank in someAfrican country is more prone to attacks than compared to that of any Canadianbank. Reason behind being, that the security and network strength varies.
· Device – Together including the software and types constitute of it. Whetherthe software is updated on regular basis or not and if the securitycertificates are revised on regular basis or not determine the same. If adevice uses an outdated software then, surely it gets more prone to attacks, asthe attacker might have software times more advanced and times more faster thanthe device. Easy tricks to identify this attack:· Irregular trends in transaction – If a system or network makes too manyrequest for a transaction like it had never made before, can be a determiningfactor in a security measure. As, it is possible that this request is a part ofan attack made on the database.· Anonymous IP Addresses making request tonetwork – If an IP Address ofa request is found to be unusual or hidden, there is a higher possibility thatit’s an attack and the Sender is too smart and knows that IP Address can gethim behind the bars and therefore this can make an attack from a non-detectablesource, PC.· Unusual traffic in the network, can also causecongestion – When there aresuddenly too many request on a particular, though it can be a normal scenario.But.
There are fair chances that it’s an attack and has been planted to jam thesite/ overload the server to make it inactive to prevent against the attack.· Suspicious software making transaction request – Sometimes the software/ technology can alsohelp us to detect an attack. What if we are receiving a request via a systemsoftware, never interacted with. Can it be someone’s innovation to ease hisattack on our data base.Protecting Big Data:In the year 2017, on July 26 an attack over the database of ArkansasOral Center took place also specialising in facial surgery where it made theX-ray files as well as the documents along the emails became encrypted. Thoughthe database of the patients was safe and could not be encrypted by theattacker.
The attack was though soon prevented but, it was figured out that dueto this the hospitals and patients had to bear the chaos for almost up to 3weeks. Though the attack here was cured and the losses here couldn’t beaccounted as too big. But, what if the attack was made on a bank and what if it’sdatabase was encrypted, hacked by the hacker. It could have easily resulted inlosses of precious and confidential customer data including ATM pin, Card No, Accountno etc.
That can even sum up to losses of millions of dollars together. Hence,here comes in picture the concept of Big Data and it’s security.What makes Big Data more prone to attacks is:· Complexity – Big data knowingly is too complex as it holds huge pilesof information about the customer, Some of them are so informative that if thisinformation falls in the hands of a wrong person that it’s just like thatperson can use that information and cause huge losses to the person informationbelongs to.· Huge Pile of data – Whenwe call it a Big Data it means that we are talking about the data of a lots andlots of people. Just imagine, hacking email id of a person to get his personalinfo and hacking a bank’s server to get the data of almost 0.1 millioncustomers.
Of course, the second one is more beneficial for the hacker whichmeans big data gets more prone to such attacks.· Storage – Data so big can’t just fit into any system or any other electronicdevice hence they need to be stored on cloud storage/servers. Secondary reasonbehind is that such databases needs to be accessible globally as numeroussystems might have rights as well as needs to access that data. Hence the datais stored on clouds.
The only thing preventing such data could beauthentication key which if fooled via complex hacking algorithms can lead todisasters of leaking information and making it public