Protecting Sensitive data from Vulnerable Application User Interface

ProtonMail, a Swiss-based email service provider, duped a sophisticated phishing scheme against a team of journalists from Bellingcat. The cybercriminals had written an email that claimed to be from the ProtonMail team and asked for their login credentials. While the motives appear to be political, ProtonMail prevented their success by partnering with Swiss authorities in shutting down the web domains involved. Should the phishers have succeeded, ProtonMail’s user interface (UI) would have been easy to bypass — no matter how cutting edge their system’s security is.

Protecting User Interaction: Why is it Important?

The user interface (UI) is any feature on a website or application that users interact with. As UI serves as the user-facing feature of website development, it is used to enhance the user experience (UX) and help users go through the website with the least amount of difficulty. However, businesses should place more importance on the UI's security rather than its aesthetics.

A faulty UI can become susceptible to infiltration, allowing cybercriminals to discreetly alter the content of web pages and add extra transactions. This type of infiltration is called a man-in-the-browser (MitB) attack. A man-in-the-middle (MitM) attack happens when the hacker intercepts important messages and steals confidential data, negatively affecting the company’s revenue and reputation.

A type of MitM attack is DNS Spoofing. People usually think they are entering into the right website but are led to the wrong IP address. These are usually found on online ads or pop-ups that redirect users to a different page. The SSL stripping attack is another MitM method that demotes an HTTPS connection to an unsecure one. This lets hackers collect login details without customers noticing anything is amiss.

All of these attacks are hard to notice but easy to automate. Once the AI learns what data it should harvest, it can now manipulate the traffic and create fake networks where the hacker has full control over. As an example, a cybercriminal that has intercepted a network while you are banking can redirect the destination of the money and add to the amount being sent.

UI Vulnerabilities: How do Companies Prevent These?

Both MitB and MitM attacks are usually caused by faulty connections, unsecure browsers, and uneducated users. This is seen when people connect to public Wi-Fi networks, allowing hackers to steal their personal details and making the website penetrable to outsiders. Should a company prevent their customers’ personal information from getting stolen, they need to follow three things:

• Follow Security Defaults

The least privilege rule applies to any program that a company launches.  This means that users or administrators who need access to a certain account or system only needs the bare minimum permission. Applying this rule is both restrictive and limiting as it grants the user a set of privileges that is enough to get their job done. This type of security measure is followed by most, if not all.

Companies should also secure a SSL certificate to assure users that they are sending their personal information to a secure connection. This encrypts any data that is sent to and from the website, making the company more credible and trustworthy.

It is possible to achieve these things without putting too much pressure on the company’s developers, making the default action a secure and safe one. When the user is willing to compromise their safety to get the results they want, it is probably because they do not understand the possible consequences.

• Educate Users and Employees

When the company’s program shoots a warning that the user is about to enter an unsafe site, most users elect to ignore this. Most of the time, this is because the user is unaware of the implications of their actions.

On the company’s part, it becomes their responsibility to make the potential outcomes clearer for their customers without the technical jargon—as a result, customers are able to make more informed decisions. However, there will be times when the customer should not be given the option to change their security options, saving both sides from data theft in the future.

In a similar manner, company employees should also be educated of the threats that come along with internet connection. Their credentials are just as important, if not more than, the customers they serve.

• Create Security Measures with a CISO

There are different kinds of cybercrime tactics abound the webspace. When developers create a website, they do not need to reinvent the security wheel. In some cases, programmers use the security Application Programming Interface whenever it becomes applicable to their website. These are user interface frameworks that have been proven to be protected and secure. This keeps the UI’s foundation strong and allows developers to work with already existing APIs.

There Apart from this, a company needs to prepare security policies should anyone encounter an external or internal threat. Fighting against each one of these threats requires a different set of tools and expertise. In this case, the business needs to partner with a skilled Chief Information Security Officer (CISO). They are the ones who make difficult cybersecurity decisions and weigh in on company policies.

There Marketing your business through an online website or application can be done without compromising convenience and security. Allow your customers to interact and engage on a platform where their privacy is not threatened.

There Wilson Consulting Group is an innovative global cybersecurity consulting firm. We offer Cyber Intelligence, Cyber Security Assessment, Penetration Testing and  Vulnerability Assessment Services to evaluate any threats that your organization may face and provide solutions to combat them.