Credential Stuffing: 8.7 Identity-Record Data Are On Surface, Deep & Dark Web

Credential stuffing is an attack in which username and password pairs exposed in earlier breaches are replayed, at scale and with automated tooling, against a company's login pages. Because the attacker presents valid-looking credentials instead of exploiting a software flaw, the traffic looks like ordinary logins and passes through perimeter controls such as firewalls and anti-spam devices untouched. Once inside the company network, attackers can send phishing mail from trusted accounts or compromise company systems and data. Note that the attacker needs only a handful of working accounts, or a single admin account, to compromise the system.
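The behaviour described above leaves a distinctive trace in authentication logs: one source address cycling through many different usernames within seconds, with most attempts failing because breached lists are stale. The detection routine below is added here as an illustration and is not code from the original article. The log line format, the 60-second window and the two thresholds are assumptions to be tuned against real traffic; the sample log is constructed.

```python
"""Flag credential-stuffing runs in web-app authentication logs.

Added example, not code from the original article. The log format is an
assumption: one attempt per line, "<ISO-8601 UTC timestamp> <client_ip>
<username> <LOGIN_OK|LOGIN_FAIL>". Thresholds are starting points to tune.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (not real traffic). 203.0.113.7 replays a breached
# list: many *distinct* usernames from one IP in seconds, mostly failing,
# one hit (carol). 198.51.100.20 is a real user mistyping her own password.
# 203.0.113.9 is a low-and-slow run that this window-based rule misses.
SAMPLE_LOG = """\
2020-07-30T10:00:01Z 203.0.113.7 alice LOGIN_FAIL
2020-07-30T10:00:02Z 203.0.113.7 bob LOGIN_FAIL
2020-07-30T10:00:03Z 203.0.113.7 carol LOGIN_OK
2020-07-30T10:00:04Z 203.0.113.7 dave LOGIN_FAIL
2020-07-30T10:00:05Z 203.0.113.7 erin LOGIN_FAIL
2020-07-30T10:00:06Z 203.0.113.7 frank LOGIN_FAIL
2020-07-30T10:00:07Z 203.0.113.7 grace LOGIN_FAIL
2020-07-30T10:00:08Z 203.0.113.7 heidi LOGIN_FAIL
2020-07-30T10:00:30Z 198.51.100.20 alice LOGIN_FAIL
2020-07-30T10:00:45Z 198.51.100.20 alice LOGIN_FAIL
2020-07-30T10:01:02Z 198.51.100.20 alice LOGIN_OK
2020-07-30T10:05:00Z 192.0.2.5 ivan LOGIN_OK
2020-07-30T10:10:00Z 203.0.113.9 judy LOGIN_FAIL
2020-07-30T10:25:00Z 203.0.113.9 mallory LOGIN_FAIL
2020-07-30T10:40:00Z 203.0.113.9 oscar LOGIN_FAIL
"""

WINDOW = timedelta(seconds=60)   # how far apart attempts may be and still correlate
MIN_DISTINCT_USERS = 5           # one IP, many accounts: the stuffing signature
MIN_FAIL_RATIO = 0.8             # breached lists are stale, so most pairs fail


def parse_line(line):
    """Return (timestamp, ip, username, success) for one log line."""
    ts, ip, user, result = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), ip, user, result == "LOGIN_OK"


def detect_stuffing(lines, window=WINDOW, min_users=MIN_DISTINCT_USERS,
                    min_fail_ratio=MIN_FAIL_RATIO):
    """Return {ip: finding} for every source IP that, inside a single time
    window, tried >= min_users different usernames with a failure ratio >=
    min_fail_ratio. 'compromised' lists accounts that logged in successfully
    from a flagged IP: those passwords must be reset, not just the IP blocked."""
    by_ip = defaultdict(list)
    for line in lines:
        if line.strip():
            ts, ip, user, ok = parse_line(line)
            by_ip[ip].append((ts, user, ok))

    findings = {}
    for ip, events in by_ip.items():
        events.sort()
        end = 0
        for start in range(len(events)):
            # Advance 'end' so events[start:end] is the widest window beginning at start.
            while end < len(events) and events[end][0] - events[start][0] <= window:
                end += 1
            win = events[start:end]
            users = {u for _, u, _ in win}
            fail_ratio = sum(1 for _, _, ok in win if not ok) / len(win)
            if len(users) < min_users or fail_ratio < min_fail_ratio:
                continue
            f = findings.setdefault(ip, {"distinct_users": 0, "fail_ratio": 0.0,
                                         "compromised": set()})
            if len(users) > f["distinct_users"]:
                f["distinct_users"], f["fail_ratio"] = len(users), fail_ratio
            f["compromised"] |= {u for _, u, ok in win if ok}

    for f in findings.values():
        f["compromised"] = sorted(f["compromised"])
    return findings


if __name__ == "__main__":
    for ip, f in detect_stuffing(SAMPLE_LOG.splitlines()).items():
        print(f"{ip}: {f['distinct_users']} usernames, "
              f"{f['fail_ratio']:.0%} failures, reset: {f['compromised']}")
```

Per-IP counting is only the first signal. A stuffing run spread over a proxy pool, or paced slowly like 203.0.113.9 above, needs wider windows or correlation on other keys (ASN, device fingerprint, a sudden rise in failed logins across the whole site), and any account that succeeded from a flagged source should be treated as compromised regardless of how the IP was scored.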

The State of Breached Credentials:

The 2018 Verizon Data Breach Investigations Report ranks the use of stolen credentials as the #1 hacking action, involved in 22% of all breaches analysed for 2017. In 2016, 6 out of 10 confirmed data breaches leveraged weak or stolen passwords.

Simple Steps to Prevent Password Breaches:

  • Use 2-factor authentication, so that a replayed password alone no longer grants access
  • Change passwords at least every three months, and force a reset as soon as a credential shows up in a known breach
  • Create awareness among employees
    • Ask employees not to use company credentials for their personal accounts (social media, online shopping, etc.). Research shows that nearly 75% of people still reuse passwords across multiple systems, so a breach at any one of those sites exposes the company login
    • Use different passwords for different purposes, such as business, personal and banking
  • Monitor continuously for company credentials leaked on the surface, deep and dark web
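A complementary control for the password-reuse problem in the list above is to screen passwords, when they are set and again at login, against the same breach corpora that attackers replay. The example below is added here and is not part of the original article. It shows the k-anonymity range query used by Have I Been Pwned's Pwned Passwords service, simulated end to end against a constructed corpus so that it runs offline; the corpus contents, the function names and the local `range_query` stand-in for the real HTTPS endpoint are assumptions.

```python
"""Screen a candidate password against a breached-password corpus without
revealing it, using the k-anonymity range query popularised by Have I Been
Pwned's Pwned Passwords API.

Added example, not code from the original article. The corpus below is
constructed; both the "server" (range index) and the "client" (check) run
locally so the example works offline. In production the client would call
the real range endpoint over HTTPS and the corpus would be the real dumps.
"""
import hashlib
from collections import defaultdict

# Constructed corpus: passwords seen in breaches and how often. A real
# service stores only the hashes; plaintexts appear here to keep it readable.
BREACHED_PASSWORDS = {
    "123456": 23547453,
    "password": 3861493,
    "qwerty": 3912816,
    "linkedin": 172523,
    "Summer2020!": 2,
}


def sha1_hex(password):
    # SHA-1 here is a lookup key shared with the corpus, not password storage;
    # stored credentials still need a slow, salted hash (bcrypt, scrypt, Argon2).
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def build_range_index(corpus):
    """Server side: {5-hex-char prefix: {35-hex-char suffix: count}}."""
    index = defaultdict(dict)
    for pw, count in corpus.items():
        digest = sha1_hex(pw)
        index[digest[:5]][digest[5:]] = count
    return index


def range_query(index, prefix):
    """Server side: like GET /range/{prefix}. Returns every known suffix under
    the prefix as 'SUFFIX:COUNT' lines; the server never learns the full hash."""
    if len(prefix) != 5 or any(c not in "0123456789ABCDEF" for c in prefix):
        raise ValueError("prefix must be exactly 5 uppercase hex characters")
    return [f"{suffix}:{count}" for suffix, count in sorted(index.get(prefix, {}).items())]


def breach_count(password, query):
    """Client side: how many times the password appears in the corpus (0 = clean).
    Only the first 5 hex chars of the hash leave the client; matching the
    remaining 35 happens locally."""
    digest = sha1_hex(password)
    prefix, suffix = digest[:5], digest[5:]
    for line in query(prefix):
        candidate, count = line.split(":")
        if candidate == suffix:
            return int(count)
    return 0


def password_acceptable(password, query):
    """Policy hook for password-set and login flows: reject anything already
    in a breach corpus, because that is exactly what stuffing lists contain."""
    return breach_count(password, query) == 0


if __name__ == "__main__":
    index = build_range_index(BREACHED_PASSWORDS)
    query = lambda prefix: range_query(index, prefix)
    for pw in ("password", "Summer2020!", "correct horse battery staple"):
        print(f"{pw!r}: seen {breach_count(pw, query)} times, "
              f"{'accept' if password_acceptable(pw, query) else 'reject'}")
```

The privacy property is the point of the prefix split: with 5 hex characters the server sees one of 16^5 buckets, each of which covers hundreds of unrelated hashes in a real corpus, so neither the password nor its full hash is disclosed to the lookup service.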

Credential stuffing appears in the OWASP Top 10 (2017) list of critical web application security risks under the second-ranked risk, A2: Broken Authentication. According to the OWASP report, attackers use the compromised accounts for money laundering, social security fraud and identity theft, or to disclose legally protected, highly sensitive information.

Some High-Profile Breaches:

LinkedIn Breach in 2012:

LinkedIn, the professional social network, was breached in 2012 by Russian cyber criminals. About 6.5 million password hashes were posted on a Russian hacker forum the day after the intrusion; they were unsalted SHA-1, so most were cracked quickly and the plaintexts went straight into credential-stuffing lists. In 2016 it emerged that the same 2012 breach had yielded a much larger set, more than 100 million email addresses and hashed passwords, which was offered for sale. At the time of the original incident LinkedIn was not sure whether the attackers had also taken the email addresses associated with the compromised accounts.

Adobe Breach:

Adobe was breached in October 2013. Attackers obtained the IDs and encrypted passwords of 38 million active users, and after several weeks of investigation Adobe found that the exposed data also included customer names and encrypted debit/credit card information. The passwords were encrypted with a block cipher rather than hashed, so identical passwords produced identical ciphertext; together with the stored password hints this let many of them be recovered and reused against other sites.

Home Depot:

Home Depot's point-of-sale systems were infected in 2014 with malware disguised as anti-virus software; the attackers gained their initial foothold with a third-party vendor's stolen username and password. Home Depot agreed to pay at least 19.5 million dollars in a settlement covering about 40 million people whose payment card data was stolen.

Summary:

Breached credentials cause substantial damage to many companies every year. Alongside the preventive measures above, continuous monitoring for leaked credentials is required so that exposed accounts are reset before the stolen pairs are replayed.

Reference:

https://www.csoonline.com/article/2130877/data-breach/the-biggest-d...

https://en.wikipedia.org/wiki/List_of_data_breaches

© 2020 CISO Platform.