A peek into the stealing habits of cybercriminals
Cybercrime

A peek into the stealing habits of cybercriminals

According to Verizon’s 2017 Data Breach Investigations Report, 81 percent of hacking-related breaches use either stolen and/or weak passwords. It’s no big surprise. Stories of businesses still using the word ‘password’ for its passwords continually do the rounds. So a group of researchers at enterprise cyber security software and services firm Imperva decided to test the water, to see what actually happens when hackers gain access to credentials and attack individuals.

Apparently the most common way cybercriminals penetrate networks is by stealing and then using valid credentials. According to Imperva, password theft occurs using many different methods - phishing, malware, man-in-the-middle attacks and brute-force password learning – but it is phishing that remains the most effective method. It plays on human curiosity and error so this is where the researchers focussed most of their attention.

“Humans will always be humans,” says Luda Lazar, security research engineer at Imperva’s Defense Center. By that she means we always have it in us to do stupid things like click on links in emails or download attachments.

We collate the opinions of 31 experts to discover the things businesses really need to know about the dark web. Check out: The dark web & business report: A seedy Dickensian underworld online

Lazar led Imperva’s six-month research project, a honeypot campaign to attract hackers and watch their methods and movements and even trace them where possible. A pool of honey accounts was created containing nearly 60 email accounts from the likes of Gmail, Outlook, Yahoo and Yandex, as well as 30 groups of other account types - including file hosting (OneDrive, Google Drive, Dropbox) and social network accounts (Facebook, LinkedIn, Twitter) bound to one of the email accounts. Identical passwords were used for all accounts to track password reuse attempts.

To continue reading...


Please login or register to view your article. If you do not have or do not remember your password, please click on the “Forgotten your password?” link at the bottom.
If you do not yet have a password but are an existing user, please use the “Forgotten your password?

PREVIOUS ARTICLE

«Enterprise GitHub projects of the week: Confidant, UI for UWP, & Ansible

NEXT ARTICLE

CloudSec: Cloud not the magical bullet for GDPR compliance»
Marc Ambasna-Jones

Marc Ambasna-Jones is a UK-based freelance writer and media consultant and has been writing about business and technology since 1989.

Add Your Comment

Most Recent Comments

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.

images

Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.

images

Poll

Will Kotlin overtake Java as the most popular Android programming language in 2018?