This document discusses security risks related to open data systems. It provides examples of risks such as website defacement, malware serving, denial of service attacks, unauthorized data modification, data scraping, and re-identification of anonymized data. The document advocates defining security requirements, checking them during design and development, and testing security before deployment. This helps address risks like data breaches, malware, and loss of user trust in open data systems.
3. Agenda
Open Data systems IT security risks by examples
What is security?
How to achieve it?
4. Defacement
Polish Ministry of Work and Social Policy (2008)
Source: http://news.softpedia.com/
Source: http://www.dawidd.master.pl/
Source: http://www.niebezpiecznik.pl
5. Malware serving
A user visiting an infected website can be attacked
Example:
„Nearly 100 Thai Government websites were hacked and used to serve malware last month. More than 500 distinct attacks were launched from these websites”
Source: http://news.netcraft.com/archives/2014/05/06/thai-government-websites-infested-with-malware.html
7. Impact
Loss of reputation
Loss of users’ trust
Loss of PageRank
8. Denial of service
DDoS (Distributed Denial of Service)
Examples: Latvia (2008), South Korea (2009), Ukraine (2014)
• Multiple connections from around the world
• Relatively easy to launch
• Difficult to fight and expensive to protect against
10. Too Open Data
Source: http://news.bbc.co.uk/2/hi/technology/8533641.stm
11. Was it difficult?
7.4 million tax records leaked
~ 120 GB of tax data
„Hacking” script:
for i in {1..7500000}; do
wget http://www2.vid.gov.lv/eds/Pages/GetDuf.aspx?id=$i;
done
12. Unauthorized modification of data
System for recruitment to high schools in Poland
Possibility to modify candidate’s grades
Source: niebezpiecznik.pl
13. Unauthorized modification of data
Consider more sensitive systems, e.g.:
• Legal Register of Companies
• Statistical data
• National election results (realtime)
15. Data scraping
Access to:
• Property data
• Owners’ data (including ID, address)
• Mortgage data (amount, bank, date)
But… the user has to:
• Know the register number (incremental, with one control digit)
• Enter a captcha (could be bypassed in the past, or human solved at about $2 / 1000 captchas)
16. 18722717 indexed land registers. Collected data: 31066649 plots, 1628061 buildings, 6812230 premises.
About 7 EUR / record
17. Deanonymization & Re-identification
Statistical methods of analysis
Finding a unique user „fingerprint”
Correlation with other datasets
87% of US citizens have a unique combination of: gender, ZIP, date of birth*
* Latanya Sweeney, Uniqueness of Simple Demographics in the U.S. Population http://www.citeulike.org/user/burd/article/5822736
18. Example
Anonymized hospital data:
• Medical procedures
• Gender
• ZIP
• Birth date
Voter registration list:
• Name
• Address
• Gender
• ZIP
• Birth date
Massachusetts Governor William Weld
6 people had his birth date
3 of them were men
Only 1 with Cambridge ZIP
From Latanya Sweeney research paper: Uniqueness of Simple Demographics in the U.S. Population http://www.citeulike.org/user/burd/article/5822736
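A pre-publication check for the re-identification risk shown in the example above, as an added example that is not part of the original slides: it counts how many records share each gender / ZIP / birth date combination (the k-anonymity measure, a term the slides do not use) and shows how coarsening ZIP and birth date raises k. All records, field names and function names are constructed for illustration.

```python
from collections import Counter

# Quasi-identifiers named on the slide: gender, ZIP, birth date.
QUASI_IDS = ("gender", "zip", "birth_date")

# Constructed sample rows (not real data); the last column is the sensitive field.
_ROWS = [
    ("M", "02138", "1945-07-31", "cardiology"),
    ("M", "02138", "1945-07-31", "orthopedics"),
    ("F", "02138", "1962-03-14", "oncology"),
    ("F", "02139", "1962-11-02", "cardiology"),
    ("M", "02141", "1945-12-25", "neurology"),
    ("F", "02142", "1962-06-30", "orthopedics"),
    ("M", "02138", "1971-01-09", "oncology"),
    ("M", "02139", "1971-09-17", "neurology"),
]
RECORDS = [dict(zip(QUASI_IDS + ("procedure",), row)) for row in _ROWS]

def generalize(rec):
    """Coarsen quasi-identifiers: keep a 3-digit ZIP prefix and the birth year only."""
    out = dict(rec)
    out["zip"] = rec["zip"][:3] + "**"
    out["birth_date"] = rec["birth_date"][:4]
    return out

def class_sizes(records, keys=QUASI_IDS):
    """Count the records that share each quasi-identifier combination."""
    return Counter(tuple(r[k] for k in keys) for r in records)

def k_anonymity(records, keys=QUASI_IDS):
    """Size of the smallest group; k == 1 means at least one person is unique."""
    return min(class_sizes(records, keys).values())

def unique_fraction(records, keys=QUASI_IDS):
    """Share of records whose combination appears exactly once."""
    sizes = class_sizes(records, keys)
    unique = sum(1 for r in records if sizes[tuple(r[k] for k in keys)] == 1)
    return unique / len(records)

def release_check(records, k_min, keys=QUASI_IDS):
    """Combinations shared by fewer than k_min records (these block release)."""
    return sorted(c for c, n in class_sizes(records, keys).items() if n < k_min)

if __name__ == "__main__":
    coarse = [generalize(r) for r in RECORDS]
    for label, data in (("raw", RECORDS), ("generalized", coarse)):
        print(label, "k =", k_anonymity(data),
              "unique =", unique_fraction(data),
              "below k=3:", release_check(data, 3))
```

Generalization is only one countermeasure; a group that passes the k threshold can still leak information if all its members share the same sensitive value.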
20. We can politely ask ;)
"We would like to ask those who would like to deface this Open Data [website], Open Data is your data. This is the public’s data about you, so I don’t think it’s in the interest of the Filipinos to damage the information that we have.”
Presidential Spokesperson Edwin Lacierda
Source: http://www.rappler.com/nation/48454-hackers-open-data
21. Cost of software bugs
[Figure: cost of software bugs across project phases: Project definition, Design, Development, Deployment, Maintenance. Activities marked on the figure: Define security requirements, Verify requirements, Security testing]
22. What does „secure” mean?
Each system is different
Not all risks are equally important
• Website defacement / Malware serving
• Denial of service
• Data confidentiality breach
• Unauthorized data modification
• Data scraping
• Deanonymization / re-identification
• …
23. How to define security?
Who? Attacker: Who can attack our system?
Why? Goals: What is their motivation?
How? Attack scenarios: How can attackers achieve their goals?
24. How to define security?
Who? Attacker
Why? Goals
How? Attack scenarios
Countermeasures: What should be done to stop those attacks?
Security requirements
25. Summary
1. Define security requirements
2. Check them during design & development
3. Test security before deployment
26. Summary
Examples of risks to consider:
• Website defacement / malware serving
• Denial of service
• Data confidentiality breach
• Unauthorized data modification
• Data scraping
• Deanonymization / re-identification
27. Open data security
Should we care?
http://www.securing.pl
Wojciech Dworakowski