It seems like nearly every week, and in some cases nearly every day, there is some security breach announced. The vast majority of these assaults tend to revolve around online user accounts, where password, account information, and even usernames are stolen. Over the years, there has been a general trend where the number of accounts breached or compromised is growing, and in early August news broke about possibly the biggest breach to date.
The latest big-scale breachIn early August, it emerged that a Russian hacker ring had amassed what is believed to be the biggest known collection of stolen account credentials. The numbers include around 1.2 billion username and password combinations, and over 500 million email addresses.
According to Hold Security, the company that uncovered these records, the information comes from around 420,000 sites. What is particularly interesting about this particular attack is that such a wide variety of sites were targeted when compared this with other attacks which tend to either attack large brand names or smaller related sites.
How did this happen?Despite what many believe, this was not a one-time mass attack; all sites that were compromised were not attacked at the same time. Instead, the hacker ring - called the Cyber Vor - was likely working on amassing this data over months or longer. How they were able to amass this much information is through what's called a botnet.
Botnets are a group of computers infected by hackers. When the hackers establish a botnet, they attack computers with weak network security and try to infect them with malware that allows the hacker to control the computer. If successful, users won't even know their computer has been hacked and is being used by hackers.
Once this botnet is established, the hackers essentially tell the computers to try to contact websites to test the security. In this recent case, the computers were looking to see if the websites were vulnerable to a SQL injunction. This is where hackers tell the computers in the botnet to look for fillable sections on sites like comment boxes, search boxes, etc. and input a certain code asking the website's database to list the stored information related to that box.
If the Web developer has restricted the characters allowed in the fillable text boxes, then the code likely would not have worked. The botnet would notice this, and then move onto the next site. However, if the code works, the botnet notes this and essentially alerts the hacker who can then go to work collecting the data.
So, is this serious and what can I do?In short, this could be a fairly serious problem. While 420,000 sites may seem like a large number, keep in mind that the Internet is made up of billions of websites. This means that the chances of your website's data being breached by this ring are small. That being said, there is probably a good chance that one of the sites related to your website may have been breached.
So, it is a cause for concern. However, you can limit the chance of hackers gaining access to your information and a website's information.
1. Change all of your passwordsIt seems like we say this about once a month, but this time you really should heed this warning. With 1.2 billion username and password combinations out there, there is a chance your user name for at least one account or site has been breached.
To be safe, change all of your passwords. This also includes passwords on your computer, mobile devices, and any online accounts - don't forget your website's back end, or hosting service. It is a pain to do, but this is essential if you want to ensure your data and your website is secure from this attack.