Password thefts and account hijacking - why every data dump should be on your mind

October 12, 2016

The theft of millions of password credentials can lead to automated attacks on other companies' sites. But Stephen Singam asks how can they be prepared to spot this risk?

In 1905's The Age of Reason, George Santayana wrote, “Those who cannot remember the past are condemned to repeat it.” For us in the IT industry, the emphasis is always on the new and the next, but there are many cases where repetition and remembering our history would help to improve performance. Alongside the monthly update grind caused by Patch Tuesdays, we see the same issues coming up time and again around security.

Theft of user credentials and passwords by hackers will normally get attention from the press, as an unfortunate company falls victim to a hack or software vulnerability. Each one of these attacks will get attention, and many IT professionals will thank their particular deity of choice that it wasn't their systems this time. However, this still looks at each of these events as a single occurrence.

However, we should look at all these thefts over time as part of a major new source of attacks - account hijacking. This covers automated attacks on e-commerce companies and retailers using large sets of password credentials. Each theft of credentials adds to the list of passwords that can be used in these attacks alongside more traditional dictionary attacks or simple substitutions of numbers for vowels.

Read the Article

Previous Article
Fake Bot Content Is Hard to Spot – and the Problem Is Getting Worse
Fake Bot Content Is Hard to Spot – and the Problem Is Getting Worse

Bots, both good and bad; that either help with Web search and repetitive tasks or wreak havoc according to ...

Next Article
5 Fundamentals of Digital Advertising Every Marketer Should Know
5 Fundamentals of Digital Advertising Every Marketer Should Know

As questions of transparency continue to plague digital advertising, MarketingLand puts together a list of ...