The Big Data market is characterized by the recent adoption by large companies of Data Lake architectures, such as information systems based on the Hadoop framework. The Data Lake architecture is based on the implementation of a central NoSQL database (such as MongoDB, HBase or Cassandra) in which files of any sort can be stored and from which they can be retrieved. Companies can virtually define a central depository for their information and data files that does not depend on the contents or on the file types and that provides a user-friendly and accessible source for all the files managed in SMEs, mid-sized companies or large corporations. Nonetheless, the data lake architecture implies that once it is hacked, an intruder can “swim” in the database system, explore the files and gain access to valuable data describing every aspect of the operations of the hacked organization. One of the major uses of IAGON’s Secure Lake technology in encrypting, slicing and distributing the data lake files is “freezing” the lake, that is, prohibiting, by means of encryption and decentralization of files, any party from navigating within the data lake after gaining access to it (see Figure 3).
Hacking the Data Lake of any organization exposes it to an unlimited number of security, privacy and financial risks, from online publication of clients' private information, through use and sale of suppliers' and commercially sensitive data, to trading of trade secrets, internal correspondence and digital goods (such as source code and designs of new products). The vulnerabilities of Big Data and Data Lake infrastructure databases, as well as the ways of hacking them, are publicly posted online, mainly to warn organizations against security breaches that may arise from use of these platforms.
A few examples from recent years illustrate the broad scope of threats and risks to organizations (as well as to their customers and suppliers) that result from hacking their IT systems and databases:
1. In January 2017, Camarda (2017) reported that "Hadoop attacks followed ongoing attacks on MongoDB, ElasticSearch, and Apache CouchDB. In some cases, criminals have been known to clone and wipe databases, claiming to hold the originals for ransom. In other attacks, they have simply deleted databases without demanding payment".
2. In the same period, Constantin (2017) reported that “It was only a matter of time until ransomware groups that wiped data from thousands of MongoDB databases and Elasticsearch clusters started targeting other data storage technologies ... 126 Hadoop instances have been wiped so far. The number of victims is likely to increase because there are thousands of Hadoop deployments accessible from the internet although it’s hard to say how many are vulnerable. The attacks against MongoDB and Elasticsearch followed a similar pattern. The number of MongoDB victims jumped from hundreds to thousands in a matter of hours and to tens of thousands within a week. The latest count puts the number of wiped MongoDB databases at more than 34,000 and that of deleted Elasticsearch clusters at more than 4,600.”
3. Claburn (2017) indicates that the actions of the attackers on Hadoop-based systems “may include destroying data nodes, data volumes, or snapshots with terabytes of data in seconds”.
4. Earlier reports explain how to hack into Hadoop systems and to exploit their vulnerabilities to destroy or copy large volumes of data (see for example Gothard, 2015).
Given the nature of the vulnerabilities exposed, and those that have not yet been exploited by attackers but may exist in the systems, as well as the lack of policies of ongoing cyber security auditing in many organizations, databases at large are exposed to other parties, should they decide to apply these intrusion techniques. The results for any organization can be catastrophic and have a large impact on its operations. To illustrate, the Equifax hack, reported in September 2017, exposed the personal data of 143 million customers, causing a daily fall of 19% in Equifax’s market value.
IAGON’s Secure Lake is based on the Blockchain unbreakable encryption technology and on file slicing and storage of small, anonymous and strongly encrypted slices of the original files. It ensures the complete protection of data files, other types of files (such as scans, photos and videos) and databases of any size, and ensures the rapid retrieval and update of any stored file. Except for the user who securely uploads a file and has the password (key) to retrieve and encrypt it, no one can read the contents of the small file slices, encrypt, delete, change or retrieve them, identify their source or even associate them with other file slices that are generated from the original, uploaded file. IAGON’s technology ensures that even when information systems are breached in any way, the data and files that they use cannot be accessed, deleted or modified in any way.