DATA LEAKS AS ONE OF THE MAIN VARIETIES OF CYBERATRACKS
(
)
In the 21st century, Ukraine has become part of the global scientific and technological revolution, which has led to the formation of a new information society that participates in the economic and social development of countries around the world. However, over time, the positive aspects of such a global substance have been threatened by a number of problems due to the high vulnerability of the infosphere to external cyber influences. Information and cyberspace are subject to cyber attacks such as phishing, ransomware attacks, malware, data leakage, DDoS attacks, human intermediaries (MitM) attacks, SQL injections, zero-day exploits, full-scale attacks ( brute force), etc. For example, 2.5 million Drizly credentials were leaked a few years ago, and credit card numbers of more than 10 million Prestige Software customers have been disclosed since 2013, not to mention social media leaks. Thus, there is a need to create a reliable system of cyber security for proper control over the relationship, which plays a significant role in geopolitical competition in most countries .
The main subjects of the national cybersecurity system of Ukraine responsible for the formation, development and protection of cyberspace are the State Service for Special Communications and Information Protection of Ukraine, the Security Service of Ukraine, the National Bank of Ukraine, the Ministry of Infrastructure of Ukraine, the Ministry of Defense of Ukraine, the Armed Forces of Ukraine. . They carry out their activities on the basis of such normative legal acts as: the Constitution of Ukraine, laws of Ukraine on the basics of national security, principles of domestic and foreign policy, electronic communications, protection of state information resources and information required by law, this and other laws Ukraine, the Convention on Cybercrime, other international treaties approved by the Verkhovna Rada of Ukraine, decrees of the President of Ukraine, acts of the Cabinet of Ministers of Ukraine, as well as other regulations adopted to implement the laws of Ukraine.
Currently, most organizations use multi-level information processing systems (cloud storage, corporate networks, etc.) to transfer data, which later becomes a possible source of their leakage. Data leakage can be interpreted as the process of uncontrolled disclosure (dissemination) of important private information.
Leaving some information somewhere, you immediately receive a commercial offer based on them; After buying a car, the next day you start receiving calls from companies offering to take out insurance - all these are signals that your personal data has been made public .
In order to prevent the dissemination of your personal data over the network, you must: first, set complex multi-structured passwords different for each site; secondly, to carefully read the conditions of personal data processing; thirdly, do not install little-known applications that require access to data from desktop, portable personal computers or smartphones; fourth, do not enter logins and passwords while on an unfamiliar Wi-Fi network (the owner of the network sees this data that may lead to their possible leakage).
There are several effective methods to prevent commercial data leakage, first, data encryption. The advantages of this method are ease of use (implementation of encryption is performed by special software), if you need to transfer important electronic documents outside the commercial network, they will be stored on flash media, cloud media or client mail only in encrypted form, high reliability. Secondly, it is the control of personnel using time and attendance systems, which is characterized as complex hardware and software that documents the exact time of arrival at work, time of departure, staff activities on the computer, records corporate mail, conducts video surveillance and transmits all this information to the management of the company or a person from the security department. Next, all the information obtained is analyzed and the number of employees who could disseminate trade secrets is identified .
Thus, in this scientific work, the concept of "data leakage" was mentioned, which can be defined as one of the types of cyberattacks that occur when confidential user information becomes vulnerable; listed a number of methods that serve as preventive measures to prevent extraneous cybernetic influences. A list of legal acts regulating this area of activity in Ukraine and helping to gain important experience in protecting one's own IT infrastructure, as well as the bodies through which the mechanism of their implementation takes place, was also provided.