Charles Leaver Ziften CEO
It is thought that the greatest recognized cyber attack in the history of data breaches has actually been discovered by an American cyber security company. It is thought by the business that a team of cyber lawbreakers from Russia that they have been examining for numerous months is responsible for stealing passwords in the billions and other sensitive individual data. It is alleged that the Russian team took 4.5 billion credentials, although a lot were duplicated, and the final outcome was 1.2 billion unique data profiles being taken. The group stole the info from 420,000 websites of various sizes, from big brand websites to smaller mom and pop stores.
The New York Times stated that the cyber wrongdoers comprised of about 12 people. Starting with small scale spamming techniques in 2011 they acquired most of the data by buying stolen databases.
In an interview with PCMag, the founder of the business that found the breach, Alex Holden, stated “the gang begun by just buying the databases that were offered over the Internet.” The group used to buy at fire sales and were described as “bottom feeders”. As time progressed they started the purchase of higher quality databases. It’s sort of like graduating from stealing bicycles to taking expensive automobiles.”
A Graduation From Spamming To Using Botnets
The cyber criminal team began to change their habits. Botnets were employed by the team to collect the stolen data on a much larger scale. Through the use of the botnets the group had the ability to automate the process of identifying sites that were vulnerable and this enabled them to work 24/7. Anytime that an infected user would check out a site, the bot would inspect to see if the vulnerability would could go through an SQL injection automatically. Utilizing these injections, which is a typically used hacking tool, the database of the website would be required to display its contents through the entering of a simple query. The botnets would flag those sites that were vulnerable and the hackers returned later on to extract the details from the website. Making use of the bot was the supreme downfall of the group as they were detected by the security business utilizing it.
It is thought by the security company that the billions of pieces of data that were stolen were not taken at the same time, and that most of the records were most likely bought from other cyber lawbreakers. According to the Times, few of the records that were taken have been sold online, instead the hacking team have actually chosen to utilize the info for the sending out of spam messages on social media for other groups so that they can make money. Other cyber security specialists are claiming that the magnitude of this breach signifies a pattern of cyber lawbreakers stockpiling substantial quantities of individual profiles with time and conserving them for usage in the future, according to the Wall Street Journal.
Security expert at the research firm Gartner, Avivah Litan, stated “businesses that rely on user names and passwords have to cultivate a sense of urgency about changing this.” “Until they do, lawbreakers will simply keep stockpiling individuals’s credentials.”
Cyber attacks and breaches on this scale underline the requirement for organizations to protect themselves with the current cyber security defenses. Systems that use endpoint threat detection and response will help companies to develop a clearer picture of the hazards facing their networks and receive information that is actionable on how best to resist attacks. Today, when substantial data breaches are going to happen increasingly more, the use of continuous endpoint visibility is important for the security of a business. If the network of the organization is constantly monitored, dangers can be recognized in real time, and this will reduce the damage that a data breach can cause on the credibility and bottom line of an organization.