DATA LEAKAGE via WHATSAPP
Data Resolve Technologies
User Behavior based Insider Threat Management System for All Devices
The most popular messaging app has made our life so easy. Young or old; male or female all are addicted to this app. It provides a quick, free and a simple way to collaborate. A user can easily share pictures, voice messages and videos through this. There are endless things that can be done through it and we do not need to rely on emails anymore.
Now-a-days, Data Breaches/ Leaks have become a common news item that impact large corporations and customers worldwide. Every now and then, we hear of organizations losing sensitive data and private information. WhatsApp web can be easily downloaded on any desktop/laptop and then synced with our phone. Through this, unapproved transmission of sensitive/confidential data from inside an organization can be sent to a n external party.
? It can be a sensitive file.
? It can be a screen shot.
? It can be an audio recording of an important meeting.
? It can be a video recording.
Causes of Data Leakage in each situation is different. We need to analyze and find the cause of it whether it is the -
? Result of a human error
? A system error
? Malicious act or
? Deliberately done
Though, WhatsApp was first intended to be a personal messaging app, it has now become one of the most prevalent communication solution in business. Employees have turned to this app to plan meetings, discuss business or collaborate on projects. For all this, communication can be between employee to employee; employee to customer. It is an easy channel for business communications. The new norm of hybrid working during Covid-19 encouraged employees to share more conversations, documents through this mode. On a more prosaic level, the app has been a boon for business travelers seeking to avoid high text and roaming charges in foreign countries. WhatsApp’s group chat feature attracts co-workers and project teams who use it to quickly update each other during the work-day. With all these benefits the biggest drawback of using WhatsApp Web is the ease with which the data can be leaked through this source. This is the biggest challenge faced by the IT Department of all companies. These Messaging apps can become an unmonitored mechanism for a n insider to leak data via a variety of methods.
“WhatsApp has often and loudly proclaimed its much vaunted end-to-end encryption technology. And to good effect: even notionally security-sensitive individuals such as Boris Johnson, the UK’s previous foreign secretary, use WhatsApp professionally. Mr. Johnson last year made headlines when a WhatsApp message he sent was leaked to the media. But even the best encryption does not prevent many of the WhatsApp cybersecurity challenges that face business. A screenshot or photograph of valuable company information can easily be taken and shared with anyone in the world. This was also highlighted by the recent Australian Federal Government leadership spill, where a conversation about Julie Bishop’s leadership was screenshotted and leaked.”
“The leak is happening via WhatsApp on Web. If someone is using WhatsApp on laptop or on an office PC, the mobile numbers are being indexed on Google Search. These a re mobile numbers of individual users not business numbers,” Rajaharia told IANS. Despite WhatsApp advising users and telling Google to remove the earlier exposed group chat links, the mobile numbers via WhatsApp Web application are now being indexed on Google Search,
WHATSAPP MALWARE TARGETING ARMY PERSONNEL DETECTED
“Intelligence agencies have detected a malicious malware file ‘CSO_SO on Deputation DRDO. apk ’said to have originated from a suspicious WhatsApp number to target Indian Defence Persons. Indian defence persons are on target of enemy intelligence agencies and the messaging application WhatsApp is being used often. After the detection of a similar breach in April this year, another case has been detected where a malware is being circulated using WhatsApp. The infected devices were analysed by the agencies and the findings indicate that “on clicking the malicious file it compromises the digital artefacts and connection with servers based in Nuremberg, Bavaria, Germany”. The DRDO had announced deputations for defence persons to DRDO as Chief Security Officer, dated May 26, 2022. The text message purportedly written by Rajan Kumar, UDC, urges the recipients to forward the .APK file to all the eligible defence officers so that they can apply for the said deputation. This paper had reported earlier that the Army has instructed all officers to stay off any social media groups floated by civilians, or people whose identity cannot be verified.
SOME TYPES OF DATA LEAKAGE:
? Accidental – Wherein an employee unintentionally forwards an official communication/ confidential data/ audio or video clipping to a recipient.
? Through Malware – Which is used to target these mediums containing sensitive information and a user unwittingly falls a trap to it.
? Phishing Attacks – Here, just by clicking on a link and visiting a web page containing malicious code allows an attacker to access the computer or network for retrieving the information needed.
?Data Exfiltration – This occurs due to the bad intentions of a n employee. This is potentially the biggest risk and significant measures must be taken to control this means of sneaking data wherein a n employee can take a screenshot of a sensitive file and forward the same; take a picture of a n incident in office and give it in wrong hands; record a conversation or a confidential meeting and transmit the same; video record the personal matters of an organization and make it viral. ‘Wishing’ i.e. WhatsApp phishing has become the most commonly used technique now-a-days. These are few of the challenges being faced by the IT Department of every company now-a-days.
So then, WHAT SHOULD THE ORGANIZATIONS DO?
? Restrict classes of documents – Documents must be organized depending on whether they can be shared internally or externally.
? Adopt a Hierarchical Sharing Technology
? File Type i.e. what type of file can be shared with whom.
? Role and Geography – What information can be shared with whom, by whom and where?
? Proactive rules, controls and real-time monitoring
And most importantly –
? Restrict the USE OF WHATSAPP WEB and allow it to only some specific persons in the organization.
? Keep a check on the type of information being exchanged through this app - WhatsApp Web.
? Track the usage time and purpose of using the WhatsApp Web. Thus, as more and more employees communicate with customers over messaging applications, organizations prior need becomes to have appropriate monitoring/tracking and controlling systems so as to ensure data leakage doesn’t become a problem on these channels.
领英推荐
SO, WHAT CAN BE DONE TO PROTECT THE ORGANIZATION BETTER?
Other than investing in employee education, updating security policies, following the best practices to avoid accidental data leakages, organizations m u s t use Digital Risk Protection and Threat intelligence to monitor, identify and manage data breaches WHATSAPP WEB. Data security more efficiently especially over the is complex as it needs to cover various channels to be effective. If there a re gaps that are left unprotected then it leads to data protection breach.
inDefend, is a one-step solution to manage all these threats and put an end to all the worries of Data Leakage and breaches. inDefend is a Unified User Behavior Analytics and Insider Threat Management Solution t h a t gives you
? DATA LEAKAGE PROTECTION INCLUDING OVER WHATSAPP WEB
? EMPLOYEE PRODUCTIVITY MONITORING
? EMPLOYEE BEHAVIOUR MONITORING
There are various modules that help to detect threats over ? Workstations/Laptops/Roaming Laptops
? It recognizes where all the secured data is stored and monitors each event of the employee in office or working remotely.
? Cloud Emails/Google Apps/Office 365
? It creates a shadow log of all emails and attachments, monitors and filters content of all outbound emails.
? Networks/Local Printers
? A secure Printer Gateway is created to prevent probable data from leakage from printer gateways and regulates the access to printing of documents.
? Server Activity
? Monitors each session and keeps a record of Browser Activity and does incident reporting.
? Detects when sensitive file is uploaded on WhatsApp.
? Has the Screenshot feature which captures the image of the file when it is getting attached on WhatsApp.
? The source of the folder from where the file has been uploaded can be captured.
WHY SHOULD WE USE inDefend?
? It provides maximum transparency over any employee irrespective of the organization. It monitors their activities and communication habits.
? There is full protection over data compromise as it sends alerts each time a sensitive file is attached or a screen shot taken.
? It provides full control over employees working remotely and about their productivity. It keeps a track on their browsing history - the sites visited and the time spent there.
? Helps to keep a control on the exiting employees and their activities.
? Protects against trade and financial secrets from falling into competitors or fraudulent hands.
? There is a unique workflow analysis to manage access permissions for scattered employees.
? It provides a full report on employee behavior and his/her productivity.
? Records and maintains live screenshots of employee crimes for legal proceedings.
FOR MORE ENQUIRY
WhatsApp us at +91 9599936473
Email: [email protected]