Chuck Leaver – Russian Hackers Stole Billions Of Credentials So Protect Your Organization With Continuous Endpoint Monitoring

Chuck Leaver, Ziften CEO


An American cyber security company believes it has uncovered the largest known data breach to date. The company believes that a team of Russian cyber criminals it has been investigating for several months is responsible for stealing billions of passwords and other sensitive personal data. The Russian group is said to have stolen 4.5 billion credentials; many were duplicates, and the result was 1.2 billion unique data profiles. The group took the information from 420,000 sites of every size, from large brand-name sites to small mom-and-pop stores.

The New York Times reported that the group consisted of about 12 individuals. Starting with small-scale spamming in 2011, they acquired most of the data by buying stolen databases.

In an interview with PCMag, Alex Holden, founder of the company that discovered the breach, said “the gang began by simply buying the databases that were offered online.” The group bought at fire sales and were described as “bottom feeders”. As time progressed they moved on to buying higher quality databases. “It’s kind of like graduating from stealing bicycles to stealing pricey cars.”

A Progression From Spamming To Using Botnets


The group's behaviour then changed. They began using botnets to gather stolen data on a much larger scale. The botnets automated the process of identifying vulnerable websites, which allowed the operation to run around the clock. Whenever an infected user visited a website, the bot automatically tested whether the site was vulnerable to SQL injection. SQL injection, a commonly used attack technique, forces a site's database to reveal its contents through a crafted query. The botnets flagged the vulnerable websites and the hackers returned later to extract the data. Using the bot was ultimately the group's downfall, because that is how the security company detected them.
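The defect the botnet was probing for is a query whose text is assembled from untrusted input. The following is an added illustration, not code from the original post or from Ziften, using an in-memory SQLite table with constructed sample rows: the same lookup written once with string concatenation (the injectable form) and once with a parameterized query (the hardened form), so the difference in behaviour on a crafted input can be checked directly.

```python
import sqlite3


def make_db():
    """Build a constructed in-memory user table; the rows are sample data, not real accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com")],
    )
    return conn


def lookup_vulnerable(conn, username):
    """Injectable form: the input is spliced into the SQL text, so the caller
    decides the shape of the query, not just the value being compared."""
    sql = f"SELECT email FROM users WHERE username = '{username}'"
    return [row[0] for row in conn.execute(sql)]


def lookup_parameterized(conn, username):
    """Hardened form: the SQL text is fixed and the driver binds the value
    separately, so quotes or keywords in the input are only characters of the
    string being compared."""
    sql = "SELECT email FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(sql, (username,))]


def compare(conn, username):
    """Return what each form yields for the same input; useful as a regression check."""
    return {
        "vulnerable": lookup_vulnerable(conn, username),
        "parameterized": lookup_parameterized(conn, username),
    }


if __name__ == "__main__":
    db = make_db()
    # A normal lookup behaves identically in both forms.
    print(compare(db, "alice"))
    # The classic tautology input: in the concatenated form it widens the WHERE
    # clause to match every row; in the bound form it matches no user at all.
    print(compare(db, "' OR 'x'='x"))
```

On the crafted input the vulnerable lookup returns every e-mail address in the table, which is exactly the "database forced to reveal its contents" behaviour described above, while the parameterized lookup returns nothing because no user has that literal name. Detection on the server side starts from the same observation: a single lookup that suddenly returns the whole table, or query text containing unexpected quotes and boolean operators, is worth alerting on.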

The security company believes the billions of records were not stolen all at once, and that most were probably bought from other cyber criminals. According to the Times, very few of the stolen records have been offered for sale online; instead, the group has chosen to use the information to send spam on social networks on behalf of other groups, for which they are paid. Several cyber security experts say the size of this breach is part of a trend of cyber criminals stockpiling large numbers of personal profiles over time and saving them for future use, according to the Wall Street Journal.

Avivah Litan, a security analyst at the research firm Gartner, said “businesses that count on user names and passwords have to develop a sense of urgency about altering this. Until they do, criminals will simply keep stockpiling people’s credentials.”

Attacks and breaches on this scale highlight the need for companies to protect themselves with current cyber security defences. Endpoint threat detection and response systems help organisations build a clearer picture of the threats facing their networks and provide actionable information on how best to prevent attacks. With large data breaches becoming more frequent, continuous endpoint visibility is essential to an organisation's security. If the company's network is continuously monitored, threats can be identified in real time, reducing the damage a data breach can do to a company's reputation and bottom line.
