Data Exfiltration: Challenges, Technologies, And Solutions

Methods of Data Exfiltration

Data exfiltration is the transfer or removal of data from a computer or server without legal authority. It is regarded as a malicious activity performed by cybercriminals operating on a particular network, and it can have negative effects on how the computers work. It primarily occurs when an organization's data is illicitly copied, transferred or accessed by external parties. The hacker gains access to the target machine through a remote application or by directly installing a portable media device. Only systems with a vendor-set default password are prone to these attacks, so it is possible to avoid the malicious act.

The case study, which was conducted in one of the cabers technology houses, reveals that the cyber security landscape has changed, with implications ranging from the emergence of new business models and technologies to a radical increase in the vulnerabilities to which organizations are exposed. These vulnerability factors are severe in that they affect the functioning of organizations and leave them prone to attack. Modern organizations operate as part of a complex or partially trusted ecosystem in which security measures are taken to prevent various malicious acts. The need to meet organizational challenges such as increased productivity, lowered costs, and customer satisfaction has driven organizations to break with the traditional infrastructure model as they try to improve effectiveness with customers and work closely with partner organizations.

This paper takes as its basis the question of how data can be hacked or stolen from a server computer. How do hackers gain access to the remote computer, and how can this be dangerous to the computer? Which capabilities enable them to achieve their mission from the remote computer? Can remote computers be protected from such attacks? What should be done to completely secure files against unauthorized users? And what is the benefit of all this?

Since there are many ways of exfiltrating data, we chose to limit the scope of unauthorized data extraction, as examined through communications, to only the most likely members who may want to access the information at a given time. Only the physical restrictions on a local user are taken into account. An organization's files can be extracted by the following methods.

Various methods can be used for data exfiltration. Some of these methods are listed below:

HTTP

HTTP is a set of rules for transferring data, defined by a networking protocol, which allows a user to navigate via links located on different servers and retrieve the data in the linked documents. It uses hypertext to transfer information. Hackers use this method over the others to exploit whole systems; they can then crack the database and gain full access to an organization's files. The protocol helps hackers because data can be transferred over a period of time to multiple users.

FTP

This technology is applied at the beginning of a detailed document. FTP serves to promote the transfer of files across computer programs, to discourage direct access to remote computers, and to shield an operator from differences between systems. In the few organizations that we visited, we found that FTP is used, with little thought, by some users as a method of stealing large software packages. Its major role in computing is sharing large files.

SSH

SSH is a standard used for remote computer logins. Remote access illustrates SSH well, since it shows how data is shared across computer components. The platform provides unprotected paths between client and server computers and keeps user passwords from being obtained by an unauthorized party who may be navigating a particular network. Hackers use these paths to access private files and hence carry out threats. The purpose of the connection protocol is to provide direct paths that are used by diverse computer applications, which makes connections secure on these particular computers.

Email

Emails can be downloaded from the email server to provide a more distributed relationship between clients. Email is widely used by most consumer networks to share messages from clients to servers, and different organizations use it to run most of their activities. The protocol is primarily used to transfer emails between email servers, which makes communication between the various servers easy.

Spyware

Spyware is malicious software that collects information, which varies from one website to another. Manufacturers inform users when a product includes this capability. It includes programs that are installed by exploiting vulnerabilities in applications without the user taking any deliberate action. One common example of spyware is:

Traditionally, data is moved to another location by copying files onto floppy disks. Printing out leaves a digital paper trail if other means of reading or writing the information were used. Laptops provide the easiest medium of data transfer, since they are flexible and can transfer data legitimately to other users.

Findings

An increase in access to a user device increases data exfiltration. Copying sensitive data onto frequently used mobile devices can be regarded as an exfiltration threat. The more access a user gains to the system, the more vulnerable the device is to threats; the less access the user has, the fewer threats the system is exposed to. All the organizations found in possession of old machines were said to have many security constraints compared to those with access to new machines.

A major part of the security solution is the Information Technology security function: the mobility of a device, wireless and personal access applications, and the high risk of lost or stolen handhelds create a need for additional defenses against data damage (Wilson, 2000). The extended network access control solution is built into the development techniques of these mobile devices, which are managed from a central point. The central point then enables the developers to access and control the various devices.

Developers of mobile devices usually include a flexible, changeable attribute that allows them to modify, repair or reengineer the entire existing mobile device management system whenever a problem arises. This platform has broadened, and it is now offered by many vendors who in general do not provide any sort of support. They bring other things to the party, especially support for contract management and billing (Wilson, 2000).

Impacts to Technology and Solution

Organizations that have never employed an encrypted method of sharing files are more vulnerable to attacks. The technology that any organization uses should be standardized to comply with the law. Proper software agents should be installed on the remote devices that provide the metadata of the databases. Their security can be applied through configuration and used by control processes that govern how secret data is accessed. This principle can reduce exfiltration by a large percentage, since it is a reverse control process that can monitor what is to be transferred to a remote computer (LeCain, 2001).
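One way to monitor what is transferred to a remote computer, as the paragraph above recommends, is to total outbound bytes per host and channel from flow records. This is an added example, not code from the original paper; the port map, the 10.0.0.0/8 internal range, the thresholds and the sample flows are all assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Well-known ports for the channels this page lists (HTTP, FTP, SSH, email).
CHANNELS = {80: "HTTP", 443: "HTTP", 20: "FTP", 21: "FTP",
            22: "SSH", 25: "SMTP", 587: "SMTP"}
INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumed internal address space

# Constructed sample flows: (source host, destination IP, port, bytes out, bytes in)
SAMPLE_FLOWS = [
    ("ws-014", "203.0.113.10", 443, 40_000, 900_000),      # ordinary browsing
    ("ws-014", "203.0.113.10", 443, 35_000, 750_000),
    ("ws-022", "198.51.100.7", 21, 480_000_000, 12_000),   # large FTP uploads
    ("ws-022", "198.51.100.7", 21, 390_000_000, 9_000),
    ("db-003", "10.2.0.15", 22, 900_000_000, 20_000),      # internal backup over SSH
    ("ws-031", "192.0.2.44", 25, 60_000_000, 4_000),       # unusually large mail volume
    ("ws-031", "192.0.2.44", 25, 55_000_000, 3_500),
    ("ws-040", "203.0.113.99", 8443, 700_000_000, 1_000),  # port not in the map
]

def egress_report(flows, max_bytes=100_000_000, max_ratio=10.0):
    """Return sorted (host, channel, bytes_out) tuples that exceed both limits.

    Only flows leaving INTERNAL are counted. A (host, channel) pair is flagged
    when its total upload exceeds max_bytes and is more than max_ratio times
    what it downloaded, i.e. the host sends far more than it receives.
    Ports missing from CHANNELS are grouped as "OTHER" rather than ignored.
    """
    totals = defaultdict(lambda: [0, 0])  # (host, channel) -> [out, in]
    for host, dst, port, out_b, in_b in flows:
        if ipaddress.ip_address(dst) in INTERNAL:
            continue  # traffic that never leaves the organization
        key = (host, CHANNELS.get(port, "OTHER"))
        totals[key][0] += out_b
        totals[key][1] += in_b
    return sorted(
        (host, channel, out_b)
        for (host, channel), (out_b, in_b) in totals.items()
        if out_b > max_bytes and out_b > max_ratio * max(in_b, 1)
    )

if __name__ == "__main__":
    for host, channel, sent in egress_report(SAMPLE_FLOWS):
        print(f"ALERT {host} sent {sent:,} bytes outbound over {channel}")
```

Fixed thresholds are used here for brevity; in practice they would be set per host from a baseline of that host's normal traffic.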

From the experience gathered in the field study, data infiltration is a malicious issue of concern to every organization. Every organization should therefore work on ways to avoid threats from data infiltration. Good strategies should be developed to ensure that an organization's privacy is respected, which helps control data infiltration as a threat to the security of the company (Schuh, Cline, Sweeney, & North Dakota State Water Commission, 2005). The cited study areas, however, could be so open in giving full information regarding the organizational file management system. Therefore, some of the issues that were never addressed include:

  1. The projects currently under development, and the possibility of generalizing their risk factors. A prospective study should have been performed to investigate how reliably these projects were iterated and how effective they were for the organization. Some of these projects may be prone to failure while others may be secure. Security should be the most important aspect that an organization deals with.
  2. Could there be other technologies, apart from the ones mentioned above, that the organization uses as protocols for delivering services from one client to another? Such technologies could offer different ways of accessing and using a particular type of data. Their availability would help diversify the ways of handling data. We could have identified how effective such a technology was in networking and whether it could be effective enough to be applied in other organizations.

Conclusion

To cope with the difficulty of tracking and implementation in big data environments, I would advocate developing proposals to reduce the complexity of granular access controls at the application level. A more defined infrastructure should be implemented for this and for the control of transfer media, together with learning the accepted codes of conduct and practices that modify the access controls in the application models. This fits in well with the need to build a framework to support a better-defined security structure. If this strategy can be implemented efficiently, then matching the magnitude of data needed for security management will be very easy to handle. Reliable assurance should be incorporated to allow an access scheme that assigns a suitable level of security. The level of security should then control the various situations in which data is accessed.

References

LeCain, G. D., Lu, N., & Kurzmack, M. (2001). Use of temperature, pressure, and water potential data to estimate Exfiltration and monitor percolation in Pagany Wash associated with the winter of 1997-98 El Niño precipitation, Yucca Mountain, Nevada. Denver, Colo. (Box 25046): U.S. Dept. of the Interior, U.S. Geological Survey.

Schuh, W. M., Cline, R. L., Sweeney, M. D., & North Dakota State Water Commission. (2005). Exfiltration data and functions, and soil moisture and matric potential data during wetting for selected soils in the Oakes area, Dickey County, North Dakota. Bismarck, ND: North Dakota State Water Commission.

Wilson, D., Walker, I., & International Energy Agency. (1993). Exfiltration data from the Alberta home heating research facility. Coventry: Air Exfiltration and Ventilation Centre.

Mahan, R. E., Fluckiger, J. D., Clements, S. L., Tews, C. W., Burnette, J. R., Pacific Northwest National Laboratory (U.S.), & United States. (2011). Secure data transfer guidance for industrial control and SCADA systems. Richland, WA: Pacific Northwest National Laboratory.

Oak Ridge National Laboratory, & United States. (2016). Towards Reducing the Data Exfiltration Surface for the Insider Threat. Oak Ridge, TN: Oak Ridge National Laboratory.