Data Breaches and the Efficiency of Cryptography to Reduce Them

Due to the enormous growth of technology, online data has become an essential element and made radical changes to lives. As the data economy and data capitalism have evolved, online information is prone to attacks. The problems such as data leakage and personal information exposure arose and caught the interest of the experts. According to Purohit and Singh (2013, pp.1311-1316), information leakage refers to any situation where the data transfers either by online network programs or offline sources, such as flash drives, cameras, or even printing. Encryption is recognized as the most practical mechanism by specialists. Cryptography is a part of the logical and physical security aspects and is a sophisticated method to design and decrypt passwords to prevent information theft for third parties and unauthorized access (Bourgeois, 2014, pp. 122-145). Individuals and businesses must be sensitive and vigilant with the assets, confidentiality, and privacy disclosure, along with professionals, as the data breach is intertwined in every moment. This report investigates the causes and the consequences of data breaches and assesses the effectiveness of encryption. Moreover, it evaluates the extent of the impact of cryptography on online security.

The data breach is one of the serious problems and compromise faced by various organizations, including restaurant chains, online shopping malls, government agencies, universities, online media companies, and many more (Purohit & Singh, 2013). According to Shabtai et al. (2012), the data leakage occurrence and the wreak cost continues to rise. The 2019 Cost of a Data Breach Report by IBM (2019) found that the average damage caused by a data breach to a company was $ 3.92 million and has risen up about 12% over the past five years. In addition, the average damage in the United States was the highest at $ 8.19 million.

There are 5 common data breach causes, which are security vulnerabilities, human error, malware, insider threats, and physical theft (WHOA.com). The example of security vulnerabilities is weak or lost credentials including passwords, which is also the case for user error. The 90% data loss from Malware, malicious software, is found to be coming from emails and surprisingly, 34% of 2018 data leakage cases were done by the internal actions (Sobers, 2020). Furthermore, the data stored device itself can be the source of data leakage.

Information leakage can be largely divided into corporate and personal losses. The corporate has 4 main consequences. First is financial loss. According to Davis (2019), 29% of companies that faced data breach eventually lose revenue. The loss occurs on compensation and indemnification, lowered stock prices, enhancing security, legal issues, and also costs incurred during the data breach. Secondly, the long-term negative impact on business reputation. It was reported that affected customers avoid the organization and 65% lost trust and 85% of the 65% even share the negative experience remaining negative press (IBM, 2019). The third one is operation shutdown due to restoring lost data and the last is the loss of intellectual property when the target was on vandalizing the designs, strategies, and blueprints. For personal loss, it may result in secondary damage that is exploited for criminal acts such as spam mail, identity theft, privacy infringement, and voice phishing (Green, 2015).

Save your time!
We can take care of your essay

• Proper editing and formatting
• Free revision, title page, and bibliography
• Flexible prices and money-back guarantee

Place Order

The first example is Sony Pictures in 2014. The GOP hacker group hacked the internal network of Sony Pictures and they distributed 5 unpublished movies on an illegal content distribution site called ‘Torrent’. In addition, salary records and personal information of over 6000 employees were also revealed. As a result, Sony Pictures was unable to retrieve back the investment of the 5 movies and lost external credibility (BBC NEWS, 2014). The second case is Yahoo in 2014. According to Clement (2020), the data breach of Yahoo has the largest compromised involving 3 billion accounts. The attacker used spear-phishing mail links and targeted user database and account management tools. The attacker stole the backup copy using an installed backdoor on the Yahoo server. As a consequence, 3 billion user accounts including personal information and conclusively, the password recovery emails and the unique password values to each account were stolen and $350 million company value dropped (Clement, 2020).

The consequences mentioned above show the importance of data security. According to the report of IBM (2019), the ordinary data leakage is recorded as 25,575 cases. The web attacks blocked daily between 2017 and 2018 has risen by 56.1% worldwide (Clement, 2020). In a digital society, data breaches widespread that keeping the data properly is nature to ensure safety and assets. However, Sobers (2020) stated that found that only 5% of the information stored is protected and on average, half of the user accounts are stable. Both individuals and businesses should put effort into securing data. The individuals can help to protect their own privacy in 3 simple ways. The common practices are first, having complex passwords, and keeping it yourself. Secondly, patch all the software and hardware with antivirus programs and keep them updated. Finally, always be aware of accessing information. This could prevent common hacks from using malware (WHOA.com).

Bourgeois (2014) stated that the responsibility of an organization on data protection is bigger than the individuals. There is no question that data security and protection are on great value regardless of industry. Bourgeois (2014) added that the company should follow the same solutions as personal and additionally use cryptography for devices and data protection. However, the encryption is in charge of preventing hacks is not fully controlled or hinder data using a password to retrieve data (Green, 2015). Shabtai et al. (2012) stated that encryption is believed to be safe and useful by professionals due to the difficulty decrypting for a third party. The ways to attack data against encryption are trial and error, and side-channel attacks, and password analysis (Purohit & Singh, 2013). Purohit and Singh added that side-channel attacks occur only after the password set. Bourgeois (2015) found out that side-channel attacks are possible when errors are made in the design or execution of the encryption method. Amlie et al. (2016) used false-positive alarm methods to test the accuracy of cryptography. The result showed 90.39% accuracy. Overall, cryptography is an effective way for data loss prevention. However, the attack against the system is still possible that the experts should train and test carefully and reduce the mishandling.

With the pros and cons of data usage, it is clear that there are more advantages. Data breaches will continue and are on the rise. The help and cooperation of both individuals and businesses are essential in reducing data leakage cases. The proper use of encryption together will boost the data loss prevention effect. The cryptography does not completely protect the information yet due to its complexity and possible errors during execution. However, if properly implemented, it is the most practical and effective tool available for reducing data leakage. The importance of encryption should be realized by many people regardless of industry. Furthermore, careful research and training should be done to improve errors and eliminate possible side-channel attacks.