News broke yesterday that a Russian cyber gang has amassed the largest collection of stolen Internet credentials. Milwaukee-based Hold Security uncovered the stolen records, which include as many as 1.2 billion username and password combinations and more than 500 million email addresses. The credentials came from 420,000 websites, ranging from household names to small Internet sites around the world.
“Hackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites,” Alex Holden, founder and chief information security officer of Hold Security, tells the New York Times. “And most of these sites are still vulnerable.”
Hackers used mass-scale botnets — networks of virus-infected computers controlled by one criminal system — to steal credentials. The incident dwarfs the recent Target data breach, during which hackers in eastern Europe stole 40 million credit card numbers and 70 million addresses, phone numbers and additional pieces of personal information from the retailer.
Some security officials say the situation might not be as dire as it sounds. For one, Hold Security announced the findings to the New York Times the same day that Black Hat – an annual computer security conference – kicked off in Las Vegas. “It's fairly usual for companies to release interesting or startling information at Black Hat,” Geoff Webb, senior director of security and strategy at Net IQ, a computer security company based in Houston, tells USA Today. “If I were them and I wanted to make sure the world paid attention to this, I'd do it at Black Hat,” Webb said. Further, Hold Security said that it will offer website owners the ability to check whether they’d been hacked, but only for a fee.
Image backup helps breach response
Regardless of how Hold Security handles the situation, the breach underscores the constant struggle for companies to address security concerns. “The ability to attack is certainly outpacing the ability to defend,” Lillian Ablon, a security researcher at the RAND Corporation, tells the Times. “We’re constantly playing this cat and mouse game, but ultimately companies just patch and pray.”
Earlier this year, Acronis fellow Joel Berman discussed how threats similar to the Heartbleed bug affect company data protection. While image backup won’t prevent an incident, it helps IT get back up and running after a virus infection. “With image backup, an IT manager can identify when the virus entered and began corrupting the system, and he or she can then simply restore the clean, pre-virus version of the system from a backup,” Berman said in an interview. “The IT manager would also need to update their OpenSSL with the fixed version and change all passwords to prevent another attack.”
Berman emphasized the need for IT managers to have a backup system in place and to retain past backups so they can detect viruses that have been latent in systems for a long time.
h/t New York Times.