To date, cyberhygiene and cyber security are more important than ever for ordinary mobile phone users and for the largest companies. This was told by experts on cyber security, the newspaper The Star.
It is worth recalling that not so long ago, about 46.2 million subscribers of all major cellular operators in Malaysia were the victims of data leakage. The network was the personal information of people, including phone numbers, home addresses and SIM-card data.
In 2016, the InfoWatch analytical center registered 44 mega leaks, each of which exposed more than 10 million personal data records. This figure is twice as large as in 2015. The report says that in 73.8% of the data leakage that struck South-East Asia in 2016, either browsers or cloud networks were used.
"If you take for example 46.2 million phone numbers, we can assume that such a huge leakage of data on the network channel was caused by an intrusion or a malicious insider," said the head of the InfoWatch Group Vladimir Shutemov.
"Owners of hacked phone numbers can become easy targets for social engineering and phishing operations, such as annoying advertising calls, spam and paid subscriptions," noted Shutemov.
The main antivirus expert Alexander Gostev says that the damage from such leaks can be even worse.
He believes that as more people use their mobile phones as a store of their data, and the mobile phone number becomes a key identifier, the risk associated with hacking mobile phones increases accordingly.
"If an attacker knows your phone number, he can intercept all of your communication, as well as information, including bank accounts, two-factor SMS authentication, text messages, mobile messenger and geolocation data. Not only your digital life is at risk - with geolocation data you can easily be tracked or chased, "added Gostev.
Concerning the cyberattacks on the organization, Gostev noted that they may remain unnoticed, especially when the attackers know exactly what information they want to receive.
As for the prevention of leakage, Shutumov says that for any content filtering system it is easy to intercept unauthorized transmissions of telephone numbers via various channels.
"The leakage of the database demonstrates how bad the flow control is, because any properly configured data protection system should block such leakage," he said..
It is noted that such a large-scale data transfer, including millions of telephone numbers, can be detected if there is a state system for managing traffic in the network.
"Companies that are subject to data leakage should immediately notify their customers about the incident and the risks associated with the loss of their personal data," said Shoutyomov, adding that it is only necessary to educate users about the basic principles of cyberhygiene.
"Users should not click on links, open attachments in messages received from unknown sources," said Shutemov.
"In addition, if there are other applications that are connected to this phone, for example, GPS tracking of your family members or pets, you should also pay attention to them," he concluded..