Billions Of Credentials Stolen By Russian Cyber Criminals. Defend Your Organization Now With Continuous Endpoint Monitoring – Charles Leaver

Charles Leaver, Ziften CEO

An American cyber security company believes it has uncovered the greatest known cyber attack in the history of data breaches. The company believes that a group of cyber criminals from Russia, which it has been investigating for numerous months, is responsible for taking billions of passwords and other sensitive personal data. The group is said to have taken 4.5 billion credentials, although many were duplicates, leaving 1.2 billion unique data profiles. The information came from 420,000 sites of various sizes, from big brand name sites to smaller mom and pop shops.

The New York Times stated that the group consisted of about 12 people. Starting out with small scale spamming in 2011, they gained the majority of the data by buying stolen databases.

In an interview with PCMag, the founder of the company that found the breach, Alex Holden, said, “The gang began by just purchasing the databases that were offered over the Internet.” The group used to buy at fire sales and were referred to as “bottom feeders.” As time went by, they started purchasing higher quality databases. “It’s kind of like graduating from taking bikes to stealing costly automobiles.”

A Progression From Spamming To Using Botnets

The cyber criminal group began to alter their behavior. They used botnets to gather stolen data on a much larger scale. The botnets let the group automate the process of identifying vulnerable sites, which enabled them to work 24/7. Any time an infected user visited a website, the bot would automatically check whether the site was vulnerable to SQL injection. With these injections, a commonly used hacking technique, the website's database could be forced to reveal its contents through a basic query. The botnets flagged the websites that were vulnerable, and the hackers returned later to extract the information. Using the bot was the ultimate downfall of the group, as the security company spotted them using it.
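To show why a single crafted input can make a database return far more than intended, and how the standard fix closes that hole, here is an added example that is not from the original article or from the company's research. The table, the sample rows and the function names are constructed for illustration, and the input is the textbook tautology string.

```python
import sqlite3

def make_db():
    # Constructed sample data: an in-memory table standing in for a site's user database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (email TEXT, password_hash TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice@example.com", "hash-a"),
         ("bob@example.com", "hash-b"),
         ("carol@example.com", "hash-c")],
    )
    return db

def lookup_vulnerable(db, email):
    # Weak pattern: the input is pasted into the SQL text, so it can change
    # the structure of the query instead of only supplying a value.
    query = "SELECT email, password_hash FROM users WHERE email = '" + email + "'"
    return db.execute(query).fetchall()

def lookup_parameterized(db, email):
    # Hardened pattern: the driver binds the input as data, so quote
    # characters inside it are never interpreted as SQL.
    return db.execute(
        "SELECT email, password_hash FROM users WHERE email = ?", (email,)
    ).fetchall()

# Textbook tautology input (constructed): turns the WHERE clause into a
# condition that is true for every row when concatenated into the query.
CRAFTED = "x' OR '1'='1"

def demo():
    db = make_db()
    return {
        "vulnerable_normal": len(lookup_vulnerable(db, "alice@example.com")),
        "vulnerable_crafted": len(lookup_vulnerable(db, CRAFTED)),
        "parameterized_normal": len(lookup_parameterized(db, "alice@example.com")),
        "parameterized_crafted": len(lookup_parameterized(db, CRAFTED)),
    }

if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows} row(s) returned")
```

The concatenated lookup returns every row for the crafted input, while the parameterized lookup treats the same string as an email address that matches nothing.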

The security company believes that the billions of stolen records were not all taken at the same time, and that most of them were likely bought from other cyber criminals. According to the Times, very few of the records have been sold online; instead, the hacking team has chosen to use the information to send spam messages on social media on behalf of other groups in order to earn money. According to the Wall Street Journal, various cyber security professionals say that the magnitude of this breach signals a trend of cyber criminals stockpiling huge numbers of personal profiles over time and saving them for later use.

Avivah Litan, a security expert at the research firm Gartner, said, “Companies that depend on user names and passwords have to cultivate a sense of urgency about altering this.” “Till they do, lawbreakers will simply keep stockpiling individuals’ credentials.”

Cyber attacks and breaches on this scale underline the need for organizations to protect themselves with the latest cyber security defenses. Systems that use endpoint threat detection and response help companies build a clearer picture of the risks facing their networks and give them actionable information on how best to prevent attacks. Now that large data breaches are going to happen more and more often, continuous endpoint visibility is crucial to the security of a business. If the company's network is constantly monitored, threats can be recognized in real time, which reduces the damage that a data breach can inflict on the reputation and bottom line of a company.

