Which Countries are the Top 5 Hackers? You May be Surprised

As I’ve mentioned before, hacking is big business. Whether to steal intellectual property, extort companies for a ransom, infecting systems to be used for spam or covert mining, or just outright stealing of cash, cybercriminals want what you’ve got.

Here at MicroData we manage many systems and I wanted to share some specs on a server we manage that readers may find interesting. The server in question hosts websites and in addition to the usual security measures we put into place on any Internet-facing server, we also install software that monitors login attempts and if too many failed attempts are made within a given time period, the IP address trying to login gets blocked. The address – and its general  geographic location – also gets logged.

So over the past 30 days, here’s the Top-5 list of countries where those hack attempts originated:

  • China (792)
  • USA (766)
  • Brazil (480)
  • India (355)
  • Russian Federation (205)

Seeing China and Russia on the list probably doesn’t surprise anyone, but having almost as many hack attempts from within the U.S. as from China usually does cause an eyebrow to rise. And most people are surprised that Brazil and India are so active in trying to access systems. They are almost never mentioned in popular press.

There are a couple of takeaways.

First, understand that these are automated attempts. It’s not personal so don’t think about it in that way. There is no human sitting at a keyboard trying different password combinations. The defenses your organization needs to have in place must protect against continuous, 24×7 attempts to get at your systems, data, and users.

Second, you need to be extra concerned if any of your user’s  credentials are on the Dark Web where they can be simply purchased. Hackers and their automated systems will endlessly try those credentials and thousands of variations. So a password change from ‘lollipop1’ to ‘lollipop2’ is almost useless – but it’s still what most users do. This is why even if hackers get an old password, they will be often successful in gaining access to a network or system.

Make sure you have a Dark Web monitoring solution in place like MicroData’s Dark Web Guardian. We now offer a small business package for organizations with up to 15 users for just $49.

Everyone stay safe out there!


 

 

“My Login Info/PII Isn’t on the Dark Web.” Let’s Find Out…

Unfortunately, most people that say this have little basis for the belief. The reality is that without monitoring it’s almost certain that some of your employees credentials are available for sale – or for free – out on the Dark Web and you’ll not know it. In 2017 we found 92% of organizations tested had compromises.

Here’s an example. I recently ran a quick scan on our local school system. I stopped the report after the first 190 compromises were found. And the report showed concerning details like failure to have implemented a complex password policy, setting a reasonable password depth, exposed Personally Identifiable Information (PII), etc.

Having the best firewalls and monitoring solutions in the world are useless if a cybercriminal has someone’s account info and password and just logs in.

I’m offering to help you find out at no cost or obligation. Visit this link and fill in your information and we’ll run a Dark Web scan for your domain at no cost and with no obligation. We’ll even give you a copy of our MicroData Dark Web Scan Action Guide that provides detailed recommendations on what to do if compromises are found.


 

Equifax Breach: It’s Worse than You Thought

Equifax has released more info about the data stolen by the hacks in 2017 and it’s pretty grim. According to a letter Equifax submitted to the SEC on Monday, here are the numbers of actual compromises:

  • 146.6  million names
  • 146.6 million D.O.B.
  • 145.5 million Social Security Numbers
  • 99 million addresses
  • 27.3 million gender
  • 20.3 million phone numbers
  • 17.6 million driver’s license numbers
  • 1.8 million email addresses (without credentials)
  • 209,000 credit card numbers and expiration dates
  • 97,500 tax ID numbers

And the following government issued IDs:

  • 38,000 Driver’s license numbers
  • 12,000 Social Security or Taxpayer ID Card
  • 3,200 passport or passport card

What’s the takeaway? You really need to be monitoring your personal credit info. And we don’t recommend LifeLock™ as ironically they use Equifax for monitoring. Take a look at SpotLight ID which I personally use and we recommend to our customers. SpotLight ID provides more comprehensive protection plus it’s about 1/3 less expensive than LifeLock.

Everyone stay safe out there!