If Russian Cyber Criminals Can Steal Billions Of Customer Profiles Then You Need To Defend Your Network With Continuous Endpoint Monitoring – Chuck Leaver

Chuck Leaver Ziften CEO

 

It is believed that the greatest recognized cyber attack in the history of data breaches has been discovered by an American cyber security business. It is believed by the company that a group of cyber crooks from Russia that they have actually been investigating for numerous months is responsible for taking passwords in the billions and other sensitive individual data. It is alleged that the Russian group stole 4.5 billion credentials, although a lot were duplicated, and the end result was 1.2 billion unique data profiles being stolen. The group stole the details from 420,000 websites of different sizes, from big brand name sites to smaller mom and pop shops.

The New York Times stated that the cyber bad guys comprised of about 12 people. Beginning with small scale spamming approaches in 2011 they acquired most of the data by buying stolen databases.

In an interview with PCMag, the founder of the business that discovered the breach, Alex Holden, stated “the gang begun by simply buying the databases that were available online.” The group used to buy at fire sales and were described as “bottom feeders”. As time progressed they began the purchase of higher quality databases. It’s sort of like graduating from stealing bicycles to taking pricey automobiles.”

A Graduation From Spamming To Using Botnets

The cyber criminal team started to alter their habits. Botnets were used by the team to gather the stolen data on a much larger scale. Through using the botnets the group had the ability to automate the process of recognizing sites that were vulnerable and this allowed them to work 24/7. Anytime that a contaminated user would visit a site, the bot would check to see if the vulnerability would undergo an SQL injection automatically. Utilizing these injections, which is a commonly used hacking tool, the database of the website would be forced to display its contents through the entering of a simple query. The botnets would flag those websites that were susceptible and the hackers returned later on to extract the details from the site. Using the bot was the ultimate downfall of the group as they were found by the security company utilizing it.

It is thought by the security business that the billions of pieces of data that were stolen were not stolen at the same time, and that the majority of the records were probably purchased from other cyber criminals. According to the Times, very few of the records that were taken have been sold online, instead the hacking team have actually chosen to use the information for the sending of spam messages on social networks for other groups so that they can earn money. Different cyber security professionals are claiming that the magnitude of this breach is part of a pattern of cyber lawbreakers stockpiling big quantities of individual profiles gradually and saving them for usage later on, according to the Wall Street Journal.

Security analyst at the research company Gartner, Avivah Litan, stated “businesses that count on user names and passwords have to establish a sense of urgency about changing this.” “Up until they do, criminals will just keep stockpiling people’s credentials.”

Cyber attacks and breaches on this scale underline the need for companies to protect themselves with the current cyber security defenses. Systems that utilize endpoint threat detection and response will assist organizations to develop a clearer picture of the risks facing their networks and receive info that is actionable on how best to prevent attacks. Today, when huge data breaches are going to take place more and more, the use of continuous endpoint visibility is crucial for the security of a company. If the network of the company is continuously monitored, threats can be determined in real time, and this will minimize the damage that a data breach can inflict on the reputation and bottom line of a company.