Data, as the core content, is also the key asset of organizational units. Data security is one of the biggest security challenges at present. Therefore, we should attach importance to code security and system security, encrypt and protect important data, and strengthen the ability of data control and management.

The database for DDOS-Guard is reportedly being sold on hacker forums. Ddos-guard, an IDC provider from Russia, offers a variety of service rentals as well as a free DDoS cleaning service, and is known for hosting numerous file-sharing giants, including BS. And Go-Unlimited file hosting service. The data for sale is said to include operational details of the Russian website RuTracker.

In addition to the database, the dDOS-Guard source code was also part of the sale, the researchers said. The seller, known online as “Kilobyte,” listed the source code and database for dDOS-Guard for $350,000 and sold it on exploits.in.

The user initially auctioned the data for $500,000, but after failing to provide a sample of the data to verify the authenticity of the stolen database and source code, it was soon reduced to $350,000. This is the second time the user has tried to sell data on the forum since January 2021.

Data and core code are the main targets of network hacker attacks, and the incidents of stealing and selling data at home and abroad are increasingly frequent and expanding, resulting in economic losses of tens of millions to hundreds of millions or even billions. As telecommuting becomes more popular, it increases the risk of data breaches. As of 2020, the average cost of a data breach was $3.86 million, and the average time between incident occurrence and resolution was about 280 days for a data breach, the data showed. In addition, data leakage occurs not only in finance, Internet, government, education, medical care, but also in some key infrastructure and other industries that affect the overall operation and development of society.

Causes of Data Leakage

1. Code security is not taken seriously

Everything in the digital era is inseparable from code, but as the foundation of the Internet of everything, there is a general lack of awareness of code security detection and management in the industry. On the one hand, employees may unintentionally host the core code to open source sharing platform, and on the other hand, problematic codes with defects are introduced in code writing. This can lead to code leaks or a number of security vulnerabilities due to code defects.

In March this year, Shell and six top universities in the United States were exposed to data breaches, the cause of which is the 0day vulnerability in common office software. System vulnerabilities have become a common means of stealing data. Strengthening static code detection in the development stage can timely find code defects and reduce the generation of system vulnerabilities.

2. Over-reliance on traditional means of protection

Phishing, ransomware and Web application attacks were the leading causes of data breaches in 2021, according to a survey released by Verizon. Web application attacks accounted for 39 percent of data breaches last year, while phishing attacks jumped 11 percent from the previous year and ransomware grew 6 percent. Cyber attacks not only encrypt or steal data, but also demand large ransoms through threats or extortion, and risk the data being sold publicly if they are not paid. With the development of network technology, the technical means of criminals are also improving, so the firewall and other software defense means can not be once and for all.

3. Human error is the root cause of data leaks

Ponemon data shows that employee negligence is a major cause of data breaches. Careless employees accounted for 34% of data breaches in the entertainment industry, leading the industry, followed by public and consumer products, where human error accounted for 28% of data breaches. In healthcare, employee negligence is responsible for 27% of all data breaches, despite strict rules.

Strengthen data security management

At present, with the comprehensive development of digital economy, data, as the most core content, is also the key asset of organizations, so ensuring data security is one of the biggest security challenges at present. Behind the data leakage, the public is forced to suffer from sensitive information exposure, phishing fraud, loss of company data assets and collapse of brand reputation, economic loss, data leakage related to key infrastructure, and even social stability and national security are threatened.

Therefore, it is necessary to attach importance to code security and system security, encrypt and protect important data, and strengthen data control and management to avoid serious losses caused by data leakage.

And read the links: www.woocoom.com/b021.html?i…