Multiple news agencies are reporting that a USA based cyber security firm has uncovered a massive hack coming out of Russia that has apparently stolen more than 1.2 billion unique email usernames and passwords. The attack hit over 420,000 different websites and in addition to the credentials stolen the thieves also downloaded in excess of 3 billion online records. This latest cyber-crime is the largest ever reported and once again highlights our collective need for diligent network protection, continual protection of our digital footprints and regular password changes.
Hold Security, an information security and investigations company, said the attack used malware infected computers to look for weaknesses in companies websites. While the company did not give details of the websites hit or the individuals affected, it did state, “They didn’t just target large companies; instead, they targeted every site that their victims visited. With hundreds of thousands of sites affected, the list includes many leaders in virtually all industries across the world, as well as a multitude of small or even personal websites.” The N.Y. Time, which first reported the story, said that it contacted an independent security company to verify the findings of Hold Security. In it’s statement the Times states , “a security expert not affiliated with Hold Security analysed the database of stolen credentials and confirmed it was authentic. Another computer crime expert who had reviewed the data, but was not allowed to discuss it publicly, said some big companies were aware that their records were among the stolen information. The N.Y. Times went on to say, “Hold Security would not name the victims, citing nondisclosure agreements and a reluctance to name companies whose sites remained vulnerable.”
Hold Security has previously reported about hacks on Adobe and Target. In this latest case they stated that it took in excess of seven months to compete the research, review and analysis and thus determine the extent of this massive attack. It appears that the thieves initially acquired databases of stolen credentials from fellow hackers on the black market. This information was used to attack e-mail providers, social media, and other websites to distribute spam to victims and install malicious re-directions on legitimate systems. The hackers also took advantage of what is called botnet, a network of computers infected with malware to trigger online fraud. The company went on to say that once this was in place, the thieves made sure “these botnets used victims’ systems to identify SQL vulnerabilities on the sites they visited. The botnet conducted possibly the largest security audit ever. Over 400,000 sites were identified to be potentially vulnerable to SQL injection flaws alone…”
As an individual there are some steps you can take to protect yourself and limit to exposure you have to hackers and the damage they will cause you. The first is to make sure you follow some simple steps, such as, do not use the same password for multiple sites (it makes it easier for you but also easier for the cyber thieves), make sure your passwords are strong – at least 9 characters, a random combination of upper and lower case and include numbers or symbols – and as a final step you should change your passwords often. This way even if your provider is hacked and your credentials are stolen you will foil the criminal by changing your password. For more detailed information, please visit a post here.
Take a look at the infographic below, as seen at hotspotshield.com, which will give you information on; hacking damage and risks, how the cyber thieves get in, detection and most importantly defense.