The problem of data leaks in Indonesia is like a chronic disease that will not heal. In discussion forums and even black markets, hundreds of data are bought and sold and even shared for free.

Data leaks are not only experienced by companies, but also by government agencies. Usually, it includes personal data such as photo, full name, population identification number (NIK), position, birth certificate and diploma.

The data leak case described above is an indication of Indonesia's still weak cyber security. According to data NCSI (National Cyber Security Index) Cyber Security Index Indonesia ranks 83rd out of 160 countries in terms of cyber security. Indonesia has a cyber security index score of 38.96 and a digital development level score of 46.84. So what causes data leaks?

3 Main Causes of Data Leaks

1. Human Error

An example would be an employee who accidentally sends or posts sensitive information online. Or just click the “reply all” in emails with hundreds of recipients when sending sensitive information.

This kind of case can also occur when programmer creating a database which can be accessed by the public and search engines, then confidential company information will be leaked, and anyone will be able to access it until the database is locked again. When this error occurs, those trying to hack a company's system will print confidential information for future use.

Even if it occurs accidentally, all data leaks can result in similar penalties and reputational damage.

2. Malware

Malware (Malicious Software) is a program designed to infiltrate and damage a computer system. The compromise could be via email, Internet downloads, or infected programs.

Also read: 5 Types of Malware That Can Attack Your Data Security!

In addition to causing damage to computer systems, malware can also enable theft of sensitive company data. Therefore, you should be careful when visiting suspicious websites or opening emails from unknown senders. Because these two are the most common methods for spreading malware, security data becomes vulnerable and can be leaked.

3. Social Engineering

This is like using psychological manipulation to collect sensitive information such as full names, usernames, passwords, and so on via electronic media by posing as a trustworthy party.

Usually, phishing uses email to deceive its targets. The perpetrator's email may appear to be sent on behalf of a particular party to persuade the victim to click on the link. But now it has spread to messaging applications, including sending messages with malicious links that can steal your data.

Also read: WhatsApp Becomes Cybercriminals' Favorite Application for Sending Phishing

Now you don't need to worry anymore! Exicitium is here to offer malware-free technology that seamlessly integrates with EDR and MDR products from SecureTasks Indonesia to provide breach-free virtualization on endpoints while carrying out continuous threat monitoring in real time and proactively. Visit the website SecureTasks.co.id to get a free trial for 1 month, right now!