Using Multifactor Encryption to Protect Against Data Exfiltration

Yet another attack that exposed customer data. Europe’s largest independent family-run car retailer Arnold Clark was hacked in late December. Now the company, with nearly 200 dealerships across Scotland and England, has revealed that personal data was extracted by the hackers that carried out the cyber attack. The data that may have been stolen included bank details and ID documents, which typically are copies of passports and driver's licenses. Names, dates of birth, vehicle details, contact details and National Insurance numbers could also have been targeted.

The company said it shut down its entire computer network the day after the attack and has since begun rebuilding its computer infrastructure. Arnold Clark informed customers that investigations were continuing and has offered those affected a two-year subscription to an identity fraud checking service because the hack puts them at a higher risk of being victims of the crime, woohoo. Dealing with customer backlash and the urgent and expensive work of infrastructure rebuilding, has placed a heavy financial and regulatory impact on the company. 

Exfiltration of sensitive data is the attack du jour. It’s most painful for the target companies and most lucrative to the attackers. With no end in sight, it is simply a matter of time before virtually all businesses are impacted by some kind of breach that results in data exfiltration. Therefore, it is abundantly clear that the time is now to take stock of data protection policies, procedures, and solutions to ensure the highest level of security possible. The status quo will not stop exfiltration attacks! 

#1 Start by Understanding Encryption

When it comes to protecting data, organizations may think they have encryption covered. But not all encryption is the same. Conventional encryption solutions rely on centralized keys that are tied to user credentials that can easily be stolen. Once credentials are compromised, the encryption keys are rendered useless because hackers can simply access and exfiltrate data to use in whatever high dollar, damaging scheme they choose. Unfortunately, traditional encryption provides limited protections against even the most basic attacks, but virtually  no protection against exfiltration attacks.. 

Fortunately, innovation in computing hardware and encryption key management has recently witnessed some innovative leaps in the encryption landscape. The modern-day approach to eliminating data exfiltration now starts with multifactor encryption. 

#2 Make the Move to Modern Day Multifactor Encryption 

Multifactor encryption is a decentralized approach to cryptographic key management that protects organizations, even when identity and rules-based access controls fail. It allows for the highest levels of data security without sacrificing business performance and productivity. ​​With multifactor encryption, a unique key is generated for each object and then automatically fragmented, with the fragmented pieces distributed across physical devices - workstations, servers, mobile devices, pretty much any physical machine. By distributing keys across disparate physical devices central points of attack and failure are eliminated. 

Instead of relying on user authentication to release encryption keys, as does most every encryption solution currently in use, by uniquely encrypting each object and distributing key shards to physical devices, the reliance shifts to control and authentication into the physical machines holding those key shards. Even when attackers breach the system or compromise the network, every sensitive piece of information that has been multifactor encrypted will remain encrypted. This vastly changes the attack surface and makes the attack exponentially more difficult for the adversary.

Multifactor encryption also enables the analysis of encryption status and usage of data for compliance, business reporting requirements, and operational decision-making. User activity is logged and can be aggregated at the administrator level to gain a better understanding of individual users and overall usage trends of encrypted data. Administrators can also create customized alerts and notifications with detailed user file interaction logging that can be fed into existing SIEMs and SOCs.

The concept behind this advanced form of encryption is simple, but the approach completely changes the way data is protected - for the better.

#3 Stop Attacks in their Tracks

Multifactor encryption is a progressive technology that leverages the power of advanced threshold cryptography in tandem with distributed key management. By using multifactor encryption, organizations remove the threat of file exfiltration resulting from password compromise, and eliminate the central key server as a single point of attack and failure. Multifactor encryption is designed with simplicity and user productivity in mind, which is especially valuable when using today’s hybrid and multi-cloud architectures. 

Moreover, its flexibility and visibility make multifactor encryption an invaluable resource that helps to proactively prevent cyber attacks and breaches from inside and out. With multifactor encryption, security practitioners and end-users alike can realize true data protection with unimpeded business performance. 

To learn more about Atakama’s multifactor encryption solution visit: www.atakama.com