Online security has been one of the most discussed topics for years and apparently will be talked about for a long time to come. The document released by Apple Lossless Audio CODEC (ALAC), entitled The Continued Threat to Personal Data: Key Factors Behind the 2023 Increase (something like "The Ongoing Threat to Personal Data: Key Factors Behind the 2023 Surge“, in free translation) reinforces the company's arguments in favor of strong encryption and end-to-end data security, since many people are still vulnerable targets on the internet.
Another recent study led by Massachusetts Institute of Technology professor, Stuart Madnick, also reveals that data breaches are becoming a global concern, characterizing themselves as a true epidemic. Over the period from 2013 to 2022, the number of data breach incidents more than tripled, and the situation continued to worsen in 2023.
The main conclusion of the study highlights the imperative need for more robust measures to protect against breaches. The implementation of practices such as end-to-end encryption is emphasized as a essential measure, especially in the face of invasion attempts by criminals and spies who may be related to governments, targeting the servers where the data is stored.
A relevant aspect highlighted is the minimization of the problem when even the server does not have the ability to understand or read the stored information. The premise is that if the server cannot interpret the data, it is less likely that criminals will also be successful in reading this information.
About the Apple document
The report makes a strong recommendation on the implementation of the newly introduced Advanced Data Protection protocols for iCloud. It highlights the existing data protection offered by Apple, which includes the encryption of sensitive information such as passwords and confidential data. Advanced Data Protection extends this guarantee to cover applications such as Notes, ICloud Backup e Photos, although some limitations were seen.
The growing dynamics of cyber attacks exhibit a cause for concern for online users. Apple highlights that in the United States, in just the first nine months of 2023, there were almost 20% more breaches than in any previous year.
It is also highlighted in the report that more than 80% of recorded breaches involved data stored in the cloud, with attacks targeting cloud infrastructure practically doubling between 2021 and 2022. These numbers underline the urgency of improved digital security measures, especially in the face of growing cyber threat landscape.
Bad actors continue to dedicate enormous amounts of time and resources to finding more creative and effective ways to steal consumer data, and we will not rest in our efforts to stop them. As threats to consumer data grow, we will continue to find ways to respond on behalf of our users by adding even more powerful protections.Craig Federighi, Senior Vice President of Software Engineering at Apple
The prevailing perception among security experts is that hackers are becoming becoming more and more professional, with more advanced features. Surprisingly, some of these attackers go so far as to run support centers to assist affected customers.
The main issue of the problem lies in the fact that the ransomware turned into a profitable enterprise, benefiting from more sophisticated invaders. Criminals have always known how to gather and articulate small fragments of data from individuals lower in the corporate security hierarchy in order to compromise security in other sectors.
Simen Van der Perre, strategic consultant at Orange Cyberdefense, recently issued an alert, indicating that many of the most advanced ransomware attacks occur over time and in different phases. In this scenario, the expectation is that every small vulnerability will be identified and exploited, highlighting the need for a proactive approach in identifying and correcting these weaknesses to mitigate the risks associated with cyber attacks.
Hackers are evolving their methods and finding more ways to defeat the security practices that once held them back. Consequently, even organizations with the strongest possible security practices are vulnerable to threats in a way that wasn't true just a few years ago.Apple claims
It is clear that the issue of data is not just restricted to employees and individual users. The vast data repositories maintained by multiple companies represent potential targets. The breach of data brokers and government systems revealed that the information stored in these systems, relating to people, requires more effective protection.
The fundamental idea is that effective data security is not just limited to preventing unauthorized access, but also implementing measures that make understanding the data inaccessible, thus ensuring an additional layer of protection in a scenario where cyber threats are a constant worry.
Apple warns of the increase in the collection of personal data by corporations, governments and various organizations, often leaving individuals with little choice, given the significant increase in online activities in everyday life.
Interconnectivity to global business becomes a concern, as a hack against a small vendor using data stolen from one company could give attackers access to information stored on servers of a significantly larger entity, placing everyone involved at risk. Attacks of this nature have the potential to significantly harm customer relationships, even leading to company bankruptcy.
Countries that compromise end-to-end encryption protection for both consumers and business users are cautioned to recognize the risk they are taking in terms of digital security e business success for its population. The conclusion emphasizes the essentiality of strong and robust digital protection in an interconnected world, highlighting that weakening this security is a luxury that no one can afford.
And you, what did you think of this document? Have you also been the target of a cyber attack? Tell us Comment!
Source: Computer World.
Text proofread by: Pedro Bomfim (7 / 12 / 23)