NXdrive leads on secure data storage and backup.

The IT World is facing massive security breaches due to the lack of good encryption practices. This has caused huge scandals at Target, Adobe, Linkedin, and Snapchat to name a few. Sensitive data was hackedraising questions on whether the data was encrypted or not. Even if it the stolen data was encrypted, could data confidentially still be at risk?The answer is YES. Data encryption should not be considered a “Get out of Jail Free Card.” This has been greatly agreed upon based off many data breach incidents.

Data encryption is not equivalent to secure data protection.

World's Biggest Data Breaches

Figure 1: World's Biggest Data Breaches (See full picture!)

Data encryption is unable to provide the following data protection:

Encrypted Data Publication: The hacker can copy, publish, and distribute the encrypted data to intended parties (e.g., WikiLeaks) or totally open the public, having very high risks. On June 2016, Wikileaks released massive 88 GB encrypted insurance files. Data encryption could not actually nullify the damage caused by such data breaches, especially for the cases of safety-critical data (e.g., national security data). Such a conclusion can also be evidenced from the many healthcare data breaches, e.g., Codman Square Health Center in Dorchester, Mass., Keck Medicine in Los Angeles, part of University of Southern California, World Anti-Doping Agency's database of Olympians' medical record leakage, etc. Most healthcare data is encrypted but they still can be breached.

Ransomware: Encrypted data is subject to Ransomware attacks as if the data isn’t even encrypted. It is a type of malicious attack to malevolently encrypt the datauntil an amount of money is paid to the hackers. Since 2016, Ransomware has aggressively increased, especially regarding business data. The current anti-Ransomware efforts are stunted as the Ransomware itself effectively acts as a security application. The total number of the Ransomware attacks rose by 13% in September in 2016 alone, said by Check Point cybersecurity researchers. Hollywood Presbyterian Hospital paid $17,000 to ransom. The total cost of damages could come to $1 billion in 2016 such that Ransomware has been now one of the three most common malware threats.

Data Tamper/Destruction/Sabotage: RSA conference in 2016 noticed that the security industry has been primarily focused on stopping information theft for years. Now, more and more people in the trade are worried that the next wave of attacks won’t steal data – they’ll sabotage it instead. Encrypted data could be tampered with and even be totally destroyed. In the earlier data breach incidents, the hackers steal the desirable data from the system. But recent data breaches show that hackers can modify or even destroy the data on the data system. Data destruction could cause serious issues for a business when the destroyed data is unrecoverable. Notable examples of data destructionis thethe Sony Pictures Entertainment data breach on November 24, 2014, and the Saudi Arabia data breach in 2016. In these incidents, the hacker wiped a large amount of sensitive data after stealing it. Data in three-quarters of the computers and servers at the studio’s main operations were almost destroyed. Recently, NSA (Mr. Iain Thomson) revealed that the data tampering is the second of the top three IT nightmares. Suppose the data has been subtly altered rather than stolen. The consequences of this scenario could be severe, especially in the IoT (Internet of Thing) in relation to the industry safety (e.g., SCADA (Supervisory Control and Data Acquisition)) and national security.

Cryptographic Attacks: Further, the data encryption is subjected to cryptographic attacks by exploring the weakness of encryption. The encrypted password, credit card, or other encrypted PII (personal identity information) can be crashed in a few seconds, e.g., 6 seconds, by brute–force decryption attacks. There are many incidents (Linkedin – 200 million PII, Yahoo – 500 million PII, Dropbox, etc.) that occurred with PII disclosure. The Dropbox data breach incident occurred in 2012 and is confirmed in 2016, resulting in 68 million of PII leakage. This is due to the weakness of encryption protection of short PII data, e.g., 8-15 digitals of a password. Advanced computation systems are able to crash an encrypted file. The Penetrating Hard Targets project spends 79.7 million of research to crack RSA on the web. MIT’s Quantum Computers can crack most of the encryption.

Malware may steal/modify/delete (e.g., stealth attacks) encrypted files such that you are unable to recover them. The compromise of a storage device having the encrypted files will result in data loss and other risks. Data encryption is designed for protecting data confidentiality. It is unable to offer the following data protection capabilities:

Preventing encrypted data stolen, redistribution, and publication
Enabling robust capability to defending Ransomware attacks
Protecting encrypted data in the storage from being sabotaged
Preventing encrypted data from being crashed by brute-force or other cryptographic attacks, and
Offering reliable restoration/recovery from being tampered.

NXdrive is holistic solution for data storage and protection against data breaches. Different to saving a data as a file (even an encrypted file), NXdrive is fragment-based data storage that builds extra features over encryption to provide holistic data protection capabilities. Specifically, a file is saved as a number of fragments over different authorized places. It prevents external and internal data thieves (attacker reads the data), data loss (hacker deletes the data), and data tamper (hacker changes the data).

World's Biggest Data Breaches

Figure 2: NXdrive adds data spatial properties for data protection that is hard to be explored by using a powerful computer.

NXdrive achieves fine-grained data security to prevent the data stolen and sabotage from potential cyber-attacks. NXdrive (www.NXdrive.com) is an online system to provide data protection:

  • Worry-free on data confidentiality: NXdrive provides leading capability of protecting your data confidentiality
  • Worry-free on data breach: NXdrive excels in defending against data breach which is one of the major cyber security threats of the online data storage.
  • Worry-free on privacy: NXdrive protects the data privacy, having the unique abilities to disable a number of semantic analyzing tools that targets for your data privacy.
  • Worry-free on data loss: NXdrive has robust self-generation capabilities that prevent the loss of any data pieces.
  • Worry-free on device compromise: Automated data protection prevents data disclosure or loss that could be caused by device loss or device failures.
  • Worry-free on data insiders: NXdrive prevents insiders by advanced features of distributed authentication and authorizations for data management.

Click a Mode to Start:

(1) Safe Mode

(2) Silver Safe Mode

(3) Golden Safe Mode

Read more about NXdrive technology!

NXdrive Brochure