Major Centralized Systems are Hacked Multiple Times a Year

0
7

There is a reason that a majority of the world’s services are offered through centralized systems. Before the advent of distributed systems such as blockchains, we collectiavely looked at centralized systems as the surest path to increased security. These perceptions pre-date the digital era; since centuries, ledger-based centralized systems have enabled services that would be difficult through alternate arrangements – such as banking and asset exchange markets.

The emerging relevance of distributed systems in recent years has headlined the vulnerabilities that flow naturally from trusting centralized systems. To clarify things from the get go:

  • With a centralized system, data is typically stored, updated and managed through one location rather than spread out across many. When this core system is hacked, it translates to losses for all nodes and stakeholders that rely on it. For example, if a country’s central bank database is hacked into, it usually spells trouble for the economy at large – including private banks, businesses and individual consumers.
  • With a decentralized system, data relevant to respective locations is stored and maintained independently of a central hub. This usually means damage due to  a hack targeting a specific location would be largely restricted to that specific location, rather than to all nodes connected to the central system.. In distributed systems, this concept is taken one step further: the same data is distributed and synchronised in several independent locations; thereby making prospects of hacking the entire system difficult and cumbersome.

With a vast majority of our information being stored on centralized servers, this leaves us open to a considerable threat and manipulation – all our vital information might (and often does) end up in the wrong hands. 

Centralised Systems: A History of Major Attacks

We have compiled a list of some notable hacks in recent years that targeted centralized systems and resulted in massive damages.

Here are some of the major ones that caused the most furor and harm.

1.      Citibank – 1995

The amount of exposure electronic transactions have was truly highlighted in this incident in 1995 when an engineer, Vladimir Levin wired an estimated $10 million to accounts worldwide by hacking into the Citibank systems. 

2.      Mafia Boy – 2000

Michael Calce, a teenager from Canada caused massive damages to major multinational companies such as Yahoo!, Dell and CNN by managing to freeze their operations through the infamous Mafia Boy virus. In essence, the Mafia Boy was a denial-of-service (DoS) attack which made many of the services non-responsive to input from users.

3.      Delta Airlines – 2004

In 2004, an 18 year old Sven Jaschan managed to bring down the entire IT department of Delta Airlines, understandably wreaking havoc for the organization as several transatlantic flights had to be cancelled.

4.      Operation Shady RAT – 2006

This particular incident brought to light the massive attention that espionage is getting online. The attacks led to significant damages for major defense organisations and public organisations such as United Nations.

5.      Mt Gox Bitcoin Exchange – 2013

A  blockchain based around the distributed systems approach, Bitcoin itself is quite secure. Nevertheless, it is operated through stock exchanges where people are able to convert normal currency to Bitcoin. This exchange was the subject of a hack in which a whopping $460 million was stolen. This proved to a deathblow as the exchange soon became bankrupt!

6.      Bangladesh Bank Heist – 2016

The Bangladesh bank heist is remarkably astonishing as it managed to exploit the presumably hyper-secure SWIFT banking system. This is a global monetary transfer system, and is used extensively all over the world. The gang responsible managed to make $81 million!

7.  WannaCry – 2017

The latest in a string of cyberattacks – the modus operandi differs as hackers usually demand money in return for the information stolen during a hack. This is termed as ransomware. Multiple organizations in about 150 countries suffered, including the National Health Service in UK. 

This image has an empty alt attribute; its file name is e2mcneg38QZ8oHcX654u2NM70AtmkZVf0ssIA-UljMrw0NTOshQakyJ5BLH7SqFIQX8NkYdMwmcLNJ6iQTQ-D_LvjCImvIgi_5NWmQ2P19q_q305rHh6akgcx8E3waOI40o5GfCV

So what can be done?

In order to safeguard against security breaches, a number of ‘best practices’ are suggested for companies and service providers of all sizes. While the threat can be greatly reduced by employing all these methods, it is simply not possible to completely eradicate the threat.

  • Protect all personal and sensitive information. Be careful not to reveal it to service providers with questionable data protection practices.
  • To safeguard information, reduce the transfer of data online. Cloud based systems may be convenient for companies, but they come with their own array of risks.
  • Downloads should be restricted, particularly on company laptops and systems which are linked to central servers where information is stored.
  • All unencrypted systems are prone to attacks, only encrypted devices should be allowed.
  • Security systems that regularly check up on firewall protection should be automated.
  • Restrict accessibility to a need-to-know basis.
  • Employees should be educated regarding phishing emails and such. This will ensure that they aren’t opened up by mistake, bringing about serious problems.
  • Conducting regular audits and tests should be a top priority for organisations.

And here’s the big one, one that must be done on the structural level and not by individuals per se:

  • Shift to distributed systems. Blockchains have shown the potential benefits of distributed systems in overcoming the security shortcomings of centralized systems. A number of major banks, such as UBS, Banco Santender and Credit Suisse are exploring the possibilities of the technology for both security and efficiency. 

In Conclusion

There are multiple ways in which cybersecurity can be reinforced, much like walls outside a house. However, the threat always exists and new ones emerge every day. Hence, constant vigilance is really the only way out.

Reference Links

https://www.vpnmentor.com/blog/20-biggest-hacking-attacks-time/
https://www.forbes.com/sites/forbesfinancecouncil/2018/03/08/how-to-protect-your-business-from-a-data-breach-seven-key-steps/#369ec3fa6b68

LEAVE A REPLY

Please enter your comment!
Please enter your name here