[BreachExchange] Is Big Data Security Still Lacking?

Audrey McNeil audrey at riskbasedsecurity.com
Mon May 1 18:57:24 EDT 2017


While the idea of keeping big data secure is not new, have the companies
which provide these services been keeping up with the latest cyber threats?
>From viruses to ransomware there is a range of serious malware and programs
which can hack into and delete, steal, or lay ransom to your data. Some
areas in which big data security providers need to develop include
ransomware, gaps in the Hadoop security stack, and a corporation’s own data
policies which may leave it open to breach. Customer trust is an important
and growing necessity in online business transactions. Keeping data secure
from threats goes a long way toward reassuring customers that their
information is safe with the company they wish to do business.

Even as short a time as four years ago, CEOs were less worried about trust
in business - just 37% in fact. By 2016, companies were wising up that
protected data meant customer trust. In 2016 58% of CEOs took consumer
trust seriously. The latest figure is estimated to be 9 out of 10 CEOs.
Here are the top three security and privacy threats which companies are
currently attempting to come out in front of.

Hadoop Security Stack Gaps

Hadoop offers the distribution of big data for companies as well as
analysis and IoT strategies. Unfortunately, it contains data security
issues. The three big companies distributing Hadoop have become known for
creating distinct and competing stacks of security software. This creates a
host of issues related to security including incompatibility and vendor
lock-in. With Hadoop data lakes, raw and unstructured data along with
semi-structured data of unknown quality is left unstructured until it is
read. Also, according to experts, the use of file system based data which
has been unprotected inside the security system. These gaps allow third
party security gaps.

Corporate Data Policies

Sometimes a company's policies can be the security breach a hacker uses to
get inside your secure data. For instance, an IT department may be hindered
in their ability to purchase or implement the newest technology to protect
against cyber crimes due to levels of management who must approve a
purchase order. While waiting for an approval, cyber security sometimes
sits with its gaps and hopes that a hacker will not find and take advantage
of them. When it comes to motivation, money is the primary gain for
hackers. Therefore a hacker has nothing to lose by trying, trying, and
trying again to penetrate a company's data protection. Some CEOs operate at
a disconnect from their IT departments and do not realize the seriousness
of the threat of cyber breaches.


Just as it sounds, ransomware takes control of a company's information and
holds it until the company pays the ransom. To do this virtually, they may
erase information from a company's databanks or use specific programs which
mean the company cannot access their databanks without help from the ransom
hacker. Sometimes with ransomware hackers get in through one of the Hadoop
vulnerabilities, port 50070. Hackers are looking for open HDFS installs
which they can exploit to their advantage. There are very high tech, highly
skilled hackers who take advantage of the availability of the internet to
find vulnerable information around the world and use it to their advantage.
Russia has become particularly known for its "good" hackers as well as the
"bad" hackers, IE White Hat and Black Hat. In this nation, it is considered
useful to have both sets of computing skills.

Clearly, there is a gap between knowledge of the vulnerabilities of big
data security and implementation of techniques to guard against the
vulnerabilities. While more companies are coming online to the realization
that data must be safeguarded as much as other areas of a company's
computer systems, integrated security covering every level of potential
exploitation is still a new and necessary step.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170501/218cdc8e/attachment.html>

More information about the BreachExchange mailing list