Country seeks to triple cyber capabilities of its digital intelligence agency, ASD
It’s World Backup Day!
Let’s play a game. Go to the Photos app on your phone and look at the total number of videos and images it contains: all those precious memories of family vacations, clips from your favorite concert, and the countless photos of your furry companion. Next, open your laptop or desktop and check how many documents you have saved, for example the research reports used to defend your thesis or the important presentation you will give your boss on Monday. If you had to guess, would you say these various pieces of data number in the thousands? Now imagine they all suddenly disappeared. What would you do?
You might be thinking, “That will never happen to me.” Yet this situation is more common than you think. More than 60 million computers will fail worldwide this year. And more than 200,000 smartphones are lost or stolen every year. That’s why we celebrate World Backup Day: to explain how to back up your files properly and have peace of mind knowing that your data is safe.
What Are Backups and Why Are They Important?
A backup is a separate copy of your important digital files and information. Storing all that data in one place, such as a personal computer or a phone, can prove dangerous. Creating another copy of that data through a backup will ensure it is stored securely if your device is wiped or stolen.
It’s important to understand that data loss doesn’t only happen to large corporations or unsuspecting victims in spy movies. Data loss or theft can happen to anyone. Backing up your information is a simple step to protect it and prevent cybercriminals from getting hold of it.
Data Storage 101
Data is one of the most important assets in the modern world. As illustrated earlier, we all collect countless files containing important information that we want to keep. Fortunately, there are two common and inexpensive ways to store data and its backups.
Cloud storage
Although “the cloud” became a buzzword years ago, its definition is still unclear for many people. The cloud exists in remote data centers that you can access via the internet. All data uploaded to the cloud exists on dedicated servers and storage volumes housed in distant warehouses, often located on sites full of similar warehouses. Data centers are owned by cloud service providers, who are responsible for keeping the servers running.
To physically protect your data from theft and destruction, and to ensure it is available whenever you want to access it, data centers use extensive cooling systems to keep the electronics from overheating and have at least one backup generator in case of a power outage. But how do they make sure this data is secure in the cybersphere? Cloud systems use authentication procedures based on usernames and passwords to limit access, and data encryption to protect data from theft or interception. However, it’s important to remember that passwords can be hacked. Generally, the service provider holds the encryption keys to your data, which means malicious employees could, in theory, access it. Likewise, your data could also be searched and seized by government entities.
This raises a question: trust or don’t trust? Since the survival of cloud storage companies depends first and foremost on their reputation, you can be assured that they strive to use the most advanced security techniques and provide the most reliable service possible. To ensure the security of your data if you choose to store or back it up in the cloud, keep anything truly sensitive in a private cloud, sheltered behind a firewall.
External hard drive
With an external hard drive, you can manually back up all your data and files onto a physical device that you can access at any time. These drives are a reliable way to obtain redundant data. An external hard drive doesn’t depend on internet access like cloud-based services, so it is a simple solution when transferring data to a new device. However, using external hard drives requires you to be more directly involved in backing up your data. It’s your responsibility to perform regular backups yourself and to store your hard drive in a safe place. While cloud solutions offer enormous storage space, hard drives offer a more limited amount, so you may need to buy more than one device. Look for an external drive that offers at least one terabyte of space to hold all your data, as it tends to accumulate quickly.
Kick Off Your Digital Spring Cleaning
When you clean out your garage and tidy up your home, do some digital cleaning with the same care this World Backup Day. Declutter your devices, apps and online accounts and gain peace of mind knowing that all your valuable data is stored in a safe and secure place … and that you have a backup in case of a problem. Remember that being proactive goes a long way toward strengthening your cybersecurity and protecting your information.
The post C’est la journée mondiale de la sauvegarde! appeared first on McAfee Blog.
Today Is World Backup Day. Learn How to Protect Your Files
Let’s try something as a game. Go to the photos app on your phone and look at the total number of videos and images on your device: all those precious memories of family vacations, clips from your favorite concert, and the countless photographs of your pet. Now go to your laptop or desktop computer and find out how many documents you have saved: they might be all the reports you need to defend your university thesis or an important presentation your boss asked you for by Monday. If you had to guess, would you say the total number of all those various files exceeds one thousand, two thousand, or perhaps even reaches ten thousand? Now imagine all this data suddenly disappeared. What would you do?
You might think, “That will never happen to me.” However, this situation is more common than you think. This year, more than 60 million computers will fail worldwide, and more than 200,000 smartphones are lost or stolen every year. That’s why, on World Backup Day, we want to give you a couple of tips on how to create proper backups of your files so you can have the peace of mind of knowing your data is safe.
What Are Backups and Why Are They Important?
A backup is a separate copy of your important and sentimental digital files and information. Storing all that data in a single place, such as a personal computer or a smartphone, may not be the safest option. Creating a backup of that data will ensure it is stored and kept safe somewhere else in case the files are deleted or your device is stolen.
It’s important to recognize that data loss or leakage isn’t something that only happens to large companies or unsuspecting victims in spy movies. Everyone is susceptible to data leaks or theft, and backing up that data is a simple step to protect all your information and prevent cybercriminals from taking what doesn’t belong to them.
Data Storage Basics
Data is one of the most important assets in the modern world. As we showed earlier, people collect countless files containing valuable information that they want to keep safe. Luckily, there are two common and inexpensive ways to store data and backups.
Cloud storage
Although “the cloud” became a buzzword years ago, its definition is still confusing for some people. The cloud exists in remote data centers that can be accessed via the internet. All data uploaded to the cloud sits on dedicated servers and storage units housed in distant warehouses, often located at facilities full of such warehouses. Data centers are owned by cloud service providers, who are responsible for keeping the servers running.
To keep data physically safe from theft and destruction, and to make sure it is available whenever you want to access it, data centers have extensive cooling systems to prevent electronic components from overheating and have at least one backup generator in case of power outages. But how do they make sure this data is secure in the cybersphere? Cloud systems use authentication processes, such as usernames and passwords, to limit access, and data encryption to prevent hackers from stealing or intercepting it. However, it’s important to remember that passwords can be hacked. Normally, the service provider holds the encryption keys to your data, which means employees with bad intentions could, in theory, access it. Likewise, your data could also be searched and seized by government entities.
This leads us to ask: should we trust the cloud? Because cloud storage companies live and die by their reputation, you can rest assured that they do everything possible to use the most advanced security techniques and provide the most reliable service possible. To help ensure the security of your data should you decide to store or back it up in the cloud, it is advisable to keep the most sensitive information in a private cloud protected by a firewall.
External hard drives
With an external hard drive, you can create a backup of all your data and files yourself on a physical device that you can access at any time. These drives are a reliable way to always have a duplicate of your data at hand. An external hard drive doesn’t depend on internet access, as cloud-based services do, and is an easy solution for transferring data to a new device. However, using external hard drives requires a more hands-on approach to backing up data. It’s your responsibility to perform backups regularly yourself and to keep your hard drive in a safe place. While cloud solutions offer enormous amounts of storage, storage space on hard drives is limited, so you may have to buy more than one device. Look for an external drive with at least one terabyte of space to hold all your data, which tends to accumulate quickly.
Go Ahead and Do a Digital Cleanup
Just as you clean your garage and tidy your home, take the same care to do a digital cleanup this World Backup Day. Clear out and tidy up your devices, apps and online accounts, and gain peace of mind knowing that all your valuable data is stored in a safe place … and that you have a backup in case something goes wrong. Remember that being proactive goes a long way toward strengthening your cybersecurity and protecting your information.
The post Hoy es el Día Mundial de las Copias de Seguridad. Conoce cómo proteger tus archivos appeared first on McAfee Blog.
It’s World Backup Day! Here’s How You Can Preserve Your Files
Let’s play a game. Go to the Photos app on your phone and look at the total number of videos and images on your device: all those precious memories of family vacations, clips from your favorite concert, and the countless photos of your pet. Next, open your laptop or desktop and check how many documents you have saved. Perhaps all the research reports you saved to defend your graduate thesis or an important slide presentation you will show your boss on Monday. If you had to guess, would you say there are millions of these pieces of data in total? Now imagine if all of them had suddenly disappeared. What would you do?
You might be thinking, “That will never happen to me.” However, this situation is more common than you might imagine. More than 60 million computers will have problems worldwide this year. In addition, more than 200,000 smartphones are lost or stolen every year. That’s why we’re celebrating World Backup Day. We want to show how you can back up your files and find peace of mind, knowing that your data is safe and sound.
What Are Backups and Why Are They Important?
A backup is a separate copy of your important and sentimental digital files and information. Storing all that data in one place, such as a personal computer or smartphone, can be unsafe. Creating another copy of that data through a backup will ensure that it is stored and kept safe somewhere else should your device be wiped or stolen.
It’s important to recognize that data loss isn’t something that only happens to large corporations or victims in spy movies. Everyone is susceptible to data loss or theft. Backing up that data is a simple step to protect all your information and prevent cybercriminals from taking what isn’t theirs.
Introduction to Data Storage
Data is one of the most important assets in the modern world. As we illustrated earlier, people accumulate countless files that contain valuable information they want to keep safe. Fortunately, there are two common and inexpensive ways for a user to store their data and their ever-important backups.
Cloud storage
Although “the cloud” has become an important word, its definition can still cause confusion. The cloud exists in remote data centers that you can access via the internet. Any data you have uploaded to the cloud exists on dedicated servers and storage volumes housed in distant warehouses, often situated on sites full of such warehouses. Data centers are owned by cloud service providers, who are responsible for keeping the servers running.
To keep your data physically safe from theft and destruction, and to ensure it is available whenever you want to access it, data centers operate extensive cooling systems to keep the electronic equipment from overheating. In addition, they have at least one backup generator in case of power outages. But how do they ensure that this data stays secure in the cyber world? Cloud systems use authentication processes such as usernames and passwords to limit access, and data encryption to protect data that is stolen or intercepted. However, it’s important to remember that passwords can be discovered. Normally, the service provider holds the encryption keys to your data, which means dishonest employees could, theoretically, access it. Likewise, your data could also potentially be searched and seized by government entities.
This raises the question: trust or don’t trust? Because cloud storage companies live and die by their reputation, you can be sure that they go to great lengths to use the most advanced security techniques and provide the most reliable service possible. To help ensure the security of your data should you choose to store or back it up in the cloud, keep any truly sensitive information in a private cloud behind a firewall.
External hard drive
With an external hard drive, you can manually back up all your data and files yourself onto a physical device and access it at any time. These drives are a reliable way to achieve data redundancy. An external hard drive doesn’t depend on internet access like cloud-based services. It is an easy solution for transferring data to a new device. However, using external hard drives requires a more hands-on approach to backing up your data. It’s your responsibility to perform backups regularly and store your hard drive in a safe location. While cloud solutions offer enormous amounts of storage, storage space on hard drives is limited, so you may have to buy more than one device. Look for an external drive with at least one terabyte of space to accommodate all your data, which tends to accumulate quickly.
Kick Off Your Digital Cleanup
When you clean out the garage and tidy up your home, take the same care to do some digital cleaning this World Backup Day. Give your devices, apps and online accounts a good cleanup. Rest easy knowing that all your valuable data is stored in a safe place … and that you have a backup in case something goes wrong. Remember: proactivity goes far beyond cybersecurity and protecting your information.
The post É o Dia Mundial do Backup! Veja como pode preservar seus arquivos appeared first on McAfee Blog.
It’s World Backup Day! Here’s How You Can Preserve Your Files
Let’s play a game. Go to the Photos app on your phone and look at the total number of videos and images on your device – all those precious memories of family vacations, clips from your favorite concert, and the countless snapshots of your furry companion. Next, open your laptop or desktop and check to see how many documents you have saved — perhaps all the research reports you have saved to defend your graduate thesis or an important slideshow you’re presenting to your boss on Monday. If you had to guess, would you say the total number of these various pieces of data is into the thousands? Now imagine if all this data was suddenly gone. What would you do?
You might be thinking, “That will never happen to me.” However, this situation is more common than you think. More than 60 million computers will fail worldwide this year, and over 200,000 smartphones are lost or stolen every year. That’s why we’re celebrating World Backup Day by sharing how you can properly back up your files and find peace of mind knowing that your data is safe and sound.
What Are Backups and Why Are They Important?
A backup is a separate copy of your important and sentimental digital files and information. Storing all that data in one place, like a personal computer or smartphone, can prove unsafe. Creating another copy of that data through a backup will ensure that it’s stored and kept safe somewhere else should your device get wiped or stolen.
It’s important to recognize that data loss isn’t something that only happens to huge corporations or unsuspecting victims in spy movies. Everyone is susceptible to data loss or theft and backing up that data is an easy step to protect all your information and prevent cybercriminals from taking what isn’t theirs.
Data Storage 101
Data is one of the most important assets in the modern world. As we illustrated earlier, people collect countless files that contain valuable information they want to keep safe. Luckily, there are two common and inexpensive ways that a user can store their data and their ever-important backups.
Cloud storage
Although “the cloud” became a major buzzword years ago, its definition is still cloudy for some folks. The cloud exists in remote data centers that you can access via the internet. Any data you’ve uploaded to the cloud exists on dedicated servers and storage volumes housed in distant warehouses, often situated on campuses full of such warehouses. Data centers are owned by cloud service providers, who are responsible for keeping the servers up and running.
To keep your data physically safe from theft and destruction, and to make sure it’s available whenever you want to access it, data centers run extensive cooling systems to keep the electronics from overheating and have at least one backup generator in case of power outages. But how do they make sure that this data is secure in the cybersphere? Cloud systems use authentication processes like usernames and passwords to limit access, and data encryption to protect data that is stolen or intercepted. However, it’s important to remember that passwords can be hacked. Typically, the service provider holds the encryption keys to your data, meaning that rogue employees could, theoretically, access it. Likewise, your data could also potentially be searched and seized by government entities.
This begs the question: Trust or don’t trust? Because cloud storage companies live and die by their reputation, you can rest assured knowing that they go to great lengths to use the most advanced security techniques and provide the most reliable service possible. To help ensure the security of your data should you choose to store or back it up to the cloud, keep anything truly sensitive in a private cloud behind a firewall.
External hard drive
With an external hard drive, you can manually back up all your data and files yourself onto a physical device that you can access anytime. These drives are a reliable way to achieve data redundancy. An external hard drive doesn’t rely on internet access like cloud-based services and is an easy fix when transferring data to a new device. However, using external hard drives requires a more hands-on approach to backing up your data. It’s your responsibility to regularly perform backups yourself and store your hard drive in a safe location. While cloud solutions offer huge amounts of storage, storage space on hard drives is limited, so you may have to purchase more than one device. Look for an external drive with at least a terabyte of space to accommodate all your data, which tends to accumulate quickly.
Kickstart Your Digital Spring Cleaning
As you’re cleaning out your garage and tidying up your home, take the same care to do some digital spring cleaning this World Backup Day. Give your devices, apps, and online accounts a good decluttering and gain more peace of mind knowing that all your valuable data is stored in a safe, secure place … and that you have a backup in case something goes awry. Remember, proactivity goes a long way toward shoring up your cybersecurity and protecting your information.
The post It’s World Backup Day! Here’s How You Can Preserve Your Files appeared first on McAfee Blog.
Chrome Zero-Day from North Korea
North Korean hackers have been exploiting a zero-day in Chrome.
The flaw, tracked as CVE-2022-0609, was exploited by two separate North Korean hacking groups. Both groups deployed the same exploit kit on websites that either belonged to legitimate organizations and were hacked or were set up for the express purpose of serving attack code on unsuspecting visitors. One group was dubbed Operation Dream Job, and it targeted more than 250 people working for 10 different companies. The other group, known as AppleJeus, targeted 85 users.
The attackers made use of an exploit kit that contained multiple stages and components in order to exploit targeted users. The attackers placed links to the exploit kit within hidden iframes, which they embedded on both websites they owned as well as some websites they compromised.
The kit initially serves some heavily obfuscated javascript used to fingerprint the target system. This script collected all available client information such as the user-agent, resolution, etc. and then sent it back to the exploitation server. If a set of unknown requirements were met, the client would be served a Chrome RCE exploit and some additional javascript. If the RCE was successful, the javascript would request the next stage referenced within the script as “SBX”, a common acronym for Sandbox Escape. We unfortunately were unable to recover any of the stages that followed the initial RCE.
Careful to protect their exploits, the attackers deployed multiple safeguards to make it difficult for security teams to recover any of the stages. These safeguards included:
Only serving the iframe at specific times, presumably when they knew an intended target would be visiting the site.
On some email campaigns the targets received links with unique IDs. This was potentially used to enforce a one-time-click policy for each link and allow the exploit kit to only be served once.
The exploit kit would AES encrypt each stage, including the clients’ responses with a session-specific key.
Additional stages were not served if the previous stage failed.
Although we recovered a Chrome RCE, we also found evidence where the attackers specifically checked for visitors using Safari on MacOS or Firefox (on any OS), and directed them to specific links on known exploitation servers. We did not recover any responses from those URLs.
If you’re a Chrome user, patch your system now.
ESET refreshes enterprise products, embraces XDR
ESET announced a host of changes to its cybersecurity product line Wednesday. Changes include making it easier to manage risks in its ESET Protect software, rebranding its Enterprise Inspector offering as ESET Inspect Cloud, and refreshing its endpoint solutions for Windows, macOS and Android.
ESET Inspect Cloud gives the company’s flagship product ESET Protect extended detection and response (XDR) capabilities, with the cloud offering able to identify post-execution malicious code and the protect solution able to provide security teams with full visibility into the response to the code. XDR capabilities include advanced threat hunting, incident response, full network visibility, and cloud-based threat defense,
Praetorian launches ML-powered Nosey Parker secrets scanner
Texas-based cybersecurity vendor Praetorian has launched a new machine learning-based secrets scanner, called Nosey Parker, onto its Chariot Platform, which provides attack surface management and offensive security managed services.
Nosey Parker is a machine learning-based service developed using the regular expression (regex) pattern matching technique to detect sensitive secrets like passwords, API keys, access tokens, asymmetric private keys, client secrets and credentials left inadvertently in source code and configuration files.
7 ways to defend against a credential stuffing attack
This blog was written by an independent guest blogger.
Credential stuffing attacks essentially doubled in number between 2020 and 2021. As reported by Help Net Security, researchers detected 2,831,028,247 credential stuffing attacks between October 2020 and September 2021—growth of 98% over the previous year. Of the sectors that did experience credential stuffing during that period, gaming, digital and social media, as well as financial services experienced the greatest volume of attacks. What’s more, the United Kingdom was one of the top three regions that launched the most credential stuffing attacks in the world, followed by Asia and North America.
Looking towards the rest of 2022, the security community expects the volume of credential stuffing attacks to grow even further. “Expect to see credential stuffing attacks double in number again in 2022,” noted Forbes.
Why is credential stuffing a concern for organizations?
First, the role of automation in credential stuffing makes it possible for anyone—even attackers with low levels of expertise—to perpetrate these attacks. A low barrier of entry helps to explain why credential stuffing is so pervasive and why it’s expected to continue in this way for 2022.
Let’s examine the flow of credential stuffing to illustrate this fact. According to the Open Web Application Security Project (OWASP), a credential stuffing attack begins when a malicious actor acquires compromised usernames and passwords from password dumps, data breaches, phishing campaigns, and other means. They then use automated tools to test those credentials across multiple websites including banks and social media platforms. If they succeed in authenticating themselves with a credential set, they can then conduct a password reuse attack, harvest the compromised account’s information/funds, and/or monetize it on the dark web.
Which brings us to our second reason why credential stuffing is so concerning: the impact of a successful attack can be far-reaching. The applications of a successful credential stuffing attack are tantamount to a data breach, so organizations can bet that all data privacy regulations will be enforced.
Meaning? Organizations could incur fines totaling millions of dollars in the aftermath of credential stuffing, per Cybersecurity Dive. Those penalties don’t include the costs that organizations will need to pay to understand the impact of the attack, figure out which data the malicious actors might have compromised, and remediate the incident. They also don’t cover the brand damage and legal fees that organizations could face after notifying their customers.
Credential stuffing defense best practices
To avoid the costs discussed above, organizations need to take action to defend themselves against a credential stuffing attack. Here are seven ways that they can do this.
1. Make credential stuffing defense an ongoing collaborative discussion
Organizations can’t tackle credential stuffing if there’s not even a discussion about the threat. Acknowledging this reality, TechRepublic recommends that organizations bring their security, fraud, and digital teams together to discuss credential stuffing, among other fraud trends, along with ways that they can use digital metrics to coordinate their defense efforts.
2. Implement multi-factor authentication
Credential stuffing hinges on the fact that malicious actors can translate access to a credential set into access to an account. Multi-factor authentication (MFA) denies this pivot point, as it forces attackers to also provide another factor such as an SMS-based text code or a fingerprint for authentication. This raises the barrier of taking over an account by forcing malicious actors to compromise those additional authentication factors in addition to the original credential set.
3. Use security awareness to familiarize employees with password best practices
Organizations can go a long way towards blocking a credential stuffing attack by cultivating their employees’ levels of security awareness. For instance, they can educate their employees on how malicious actors can leverage password reuse as part of a credential stuffing campaign. Per How-To Geek, organizations can also provide employees with a password manager for storing credentials that they’ve created in accordance with company password policies.
4. Analyze and baseline traffic for signs of credential stuffing
Infosecurity Magazine recommends that organizations create a baseline for their traffic including account activity. They can then use that baseline to monitor for anomalies such as a spike in failed login attempts and unusual account access requests.
5. Prevent users from securing their accounts with exposed passwords
The last thing security teams want is for their employees to use a password that’s been exposed in a previous security incident. Malicious actors use data breaches, information dumps, and other leaks to power automated tools used in credential stuffing, after all. Acknowledging this point, infosec personnel need to monitor the web for data breaches, information dumps, and other leaks that malicious actors could use to engage in credential stuffing. They can actively monitor the news for these types of incidents. They can also rely on receiving alerts from data breach tracking services such as Have I Been Pwned (HIBP).
6. Implement device fingerprinting
Infosec teams can use operating system, web browser version, language settings, and other attributes to fingerprint an employee’s device. They can then leverage that fingerprint to monitor for suspicious activity such as a user attempting to authenticate themselves with the device in a different country, noted Security Boulevard. If a circumstance like that arises, security teams can then prompt employees to submit additional authentication factors to confirm that someone hasn’t taken over their account.
7. Avoid using email addresses as user IDs
Password reuse isn’t the only factor that increases the risk of a credential stuffing attack. So too does the reuse of usernames and/or account IDs. Salt Security agrees with this statement.
“Credential stuffing relies on users leveraging the same usernames or account IDs across services,” it noted in a blog post. “The risk runs higher when the ID is an email address since it is easily obtained or guessed by attackers.”
Consequently, organizations should consider using unique usernames that malicious actors can’t use for their authentication attempts across multiple web services.
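Practice 4 (baselining login traffic) can be sketched as follows. This is an added example, not code from the original post: the log format, thresholds and function names are assumptions, and the log lines are constructed. It builds a per-minute baseline of failed logins, flags minutes that break from it, identifies sources that try many distinct accounts with almost no success, and lists the accounts those sources did get into.

```python
import re
import statistics
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed (hypothetical) log format:
#   2022-03-30T10:10:05Z login user=alice ip=198.51.100.23 result=fail
LINE_RE = re.compile(
    r"^(?P<ts>\S+) login user=(?P<user>\S+) ip=(?P<ip>\S+) result=(?P<result>ok|fail)$"
)
TS_FMT = "%Y-%m-%dT%H:%M:%SZ"


def parse(lines):
    """Turn log lines into (timestamp, user, ip, succeeded) tuples; skip junk."""
    events = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            ts = datetime.strptime(m["ts"], TS_FMT)
            events.append((ts, m["user"], m["ip"], m["result"] == "ok"))
    return events


def failures_per_minute(events):
    """Count failed logins in each one-minute bucket that saw any login."""
    buckets = defaultdict(int)
    for ts, _user, _ip, ok in events:
        buckets[ts.replace(second=0)] += 0 if ok else 1
    return dict(buckets)


def spike_minutes(buckets, baseline_minutes, k=5.0, floor=5):
    """Baseline = median and MAD of the first N buckets; flag later outliers."""
    ordered = sorted(buckets)
    baseline = [buckets[m] for m in ordered[:baseline_minutes]]
    median = statistics.median(baseline)
    mad = statistics.median([abs(x - median) for x in baseline])
    threshold = max(median + k * max(mad, 1), floor)
    return [m for m in ordered[baseline_minutes:] if buckets[m] > threshold]


def stuffing_sources(events, min_users=10, min_fail_ratio=0.9):
    """Source IPs trying many distinct accounts with almost no success."""
    stats = defaultdict(lambda: {"users": set(), "fail": 0, "total": 0})
    for _ts, user, ip, ok in events:
        s = stats[ip]
        s["users"].add(user)
        s["total"] += 1
        s["fail"] += 0 if ok else 1
    return sorted(
        ip for ip, s in stats.items()
        if len(s["users"]) >= min_users and s["fail"] / s["total"] >= min_fail_ratio
    )


def accounts_to_reset(events, sources):
    """Accounts a flagged source logged in to: the reused credentials worked."""
    return sorted({user for _ts, user, ip, ok in events if ok and ip in sources})


def constructed_sample():
    """Constructed log: 10 quiet minutes, then one burst from a single source."""
    start = datetime(2022, 3, 30, 10, 0, 0)
    lines = []

    def add(ts, user, ip, result):
        lines.append(f"{ts.strftime(TS_FMT)} login user={user} ip={ip} result={result}")

    for minute in range(10):
        ts = start + timedelta(minutes=minute)
        for n in range(3):                      # routine successful logins
            add(ts + timedelta(seconds=n), f"emp{n}", "192.0.2.10", "ok")
        for n in range(minute % 3):             # 0-2 mistyped passwords
            add(ts + timedelta(seconds=10 + n), f"emp{n}", "192.0.2.10", "fail")
    burst = start + timedelta(minutes=10)
    for n in range(40):                         # 40 accounts, one attempt each
        result = "ok" if n == 17 else "fail"
        add(burst + timedelta(seconds=n), f"user{n:03d}", "198.51.100.23", result)
    return lines


if __name__ == "__main__":
    events = parse(constructed_sample())
    spikes = spike_minutes(failures_per_minute(events), baseline_minutes=10)
    sources = stuffing_sources(events)
    print("failed-login spikes:", [m.strftime("%H:%M") for m in spikes])
    print("suspect sources:", sources)
    print("accounts to reset:", accounts_to_reset(events, sources))
```

The successful logins from a flagged source matter most: those are the accounts whose reused credentials worked and that need a forced reset and session revocation.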
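Practice 5 can also be enforced at the moment a user sets a password. The sketch below is an added example, not code from the original post. It uses the k-anonymity range lookup offered by HIBP's Pwned Passwords service (only the first five hex characters of the SHA-1 hash leave the application); `fetch_range` and `ConstructedRangeService` are hypothetical names, and the response body is constructed so the example runs offline.

```python
import hashlib


def sha1_parts(password):
    """Split the uppercase SHA-1 hex digest into a 5-char prefix and 35-char suffix."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range_body(body):
    """Parse 'SUFFIX:COUNT' lines from a range response; ignore malformed lines."""
    counts = {}
    for line in body.splitlines():
        suffix, sep, count = line.strip().partition(":")
        if sep and len(suffix) == 35 and count.isdigit():
            counts[suffix.upper()] = int(count)
    return counts


def exposure_count(password, fetch_range):
    """How many times the password appears in breach data (0 = not found).

    fetch_range(prefix) must return the response body for that 5-char prefix.
    In production it would wrap GET https://api.pwnedpasswords.com/range/<prefix>;
    the password and its full hash are never sent.
    """
    prefix, suffix = sha1_parts(password)
    # Rows with count 0 are padding and fall through to "not found".
    return parse_range_body(fetch_range(prefix)).get(suffix, 0)


def password_allowed(password, fetch_range, max_exposures=0):
    """Policy check for registration and password-change forms."""
    return exposure_count(password, fetch_range) <= max_exposures


class ConstructedRangeService:
    """Offline stand-in for the range endpoint, built from constructed data."""

    def __init__(self, exposed):
        self.seen_prefixes = []  # everything the "server" learns about each check
        self._rows = [sha1_parts(pw) + (count,) for pw, count in exposed.items()]

    def __call__(self, prefix):
        self.seen_prefixes.append(prefix)
        lines = [f"{suffix}:{count}" for p, suffix, count in self._rows if p == prefix]
        lines.append("0" * 35 + ":0")      # padding-style row with count 0
        lines.append("not a valid row")    # malformed input must not break parsing
        return "\r\n".join(lines)


if __name__ == "__main__":
    service = ConstructedRangeService({"Spring2022!": 1234})  # constructed count
    for candidate in ("Spring2022!", "correct horse battery staple 7#"):
        verdict = "accept" if password_allowed(candidate, service) else "reject"
        print(f"{candidate!r}: {verdict}")
    print("prefixes sent to the service:", service.seen_prefixes)
```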
Beating credential stuffing with the basics
Credential stuffing is one of the most prevalent forms of attack today. This popularity is possible because of how simple it is for malicious actors to obtain exposed sets of credentials on the web. However, as discussed above, it’s also simple for organizations to defend themselves against credential stuffing. They can do so in large part by focusing on the basics such as implementing MFA, awareness training, and baselining their traffic.
How to stop worrying and love zero trust
If you want to work remotely from home — or stay on the move as a digital nomad — you can thank zero trust for making that possible.