Memory like a goldphish? The problem with short-term approaches to cyber attacks

When we look back on 2018, it’s entirely possible that the year will be best remembered for the Facebook/Cambridge Analytica scandal, the first mass public awakening to the problem of data privacy.

In contrast, major data breaches suffered by Marriott International and Amazon many other major multinational businesses felt like a side-show. They may have generated headlines aplenty when the news first broke, but unlike the Facebook furor, they were never destined to endure in the public consciousness.

In fact, precious few breaches ever linger around the zeitgeist long enough to receive the public inquest they surely warrant. The businesses affected may lose a handful of disgruntled customers as they undertake their minimal obligations to notify and inform those whose details have been compromised, but the long-term damage is rarely significant.

This is ironic given that the wiliest cyber-criminals will be the ones who hold back from the temptation to immediately exploit the customer details they’ve pilfered. Think about it: in the immediate aftermath of a breach going public, companies, and customers, credit card firms and cybercrime agencies are all on red alert. The data is ‘hot’ – it’s the virtual equivalent of monitoring the airports and railway stations straight after a terrorist incident.

However, once the repercussions of the immediate damage – financial, legal, reputational – have passed, and each of the affected parties starts to let their guard down, we’ll see the shrewdest of hackers strike, not by causing another high-profile stir, but by seeking out the value of the personal or financial data gathered in the original breach.

As a consequence, we predict that 2019 will be the year of Zombie Phishing – the year in which ancient threats start coming back from the dead. Cybercriminals will exploit the vulnerabilities of individuals who have not heeded calls to change passwords or implement two-factor authentication, at least on some of their most important or vulnerable accounts. The value of harvested data doesn’t disappear once a breach has been uncovered; it takes customers proactively updating their information and security protections to mitigate the potential for exploitation further down the line.

Hence, over the next twelve months, we’ll see phishing phantoms re-emerging to target customers of a myriad global companies. Which hacker wouldn’t relish going back to the scene of the crime and exploiting the millions of existing customer profiles that they had stolen the previous year – adding to their haul of current data breaches?

Don’t believe us? Well, you can find out for yourself: head over to HaveIBeenPwnEd and check if your details – email addresses or passwords (because of course, you have dozens of unique passwords – one for every site you visit, right?!) – are already out in the wild. The sad truth is that practically everyone has had their details compromised at some stage in the past decade.

This is not an attempt to scaremonger. Indeed, zombie phishers are nothing to be afraid of, providing that you undertake the requisite due diligence to ensure that any details currently sat in hackers’ hands are consigned to the past tense. It may seem daunting, but start with our top tips and you’ll be well on your way to protecting your data:

  1. Check to see if your personal information is listed using a tool, such as HaveIBeenPwnEd. If your passwords show up as leaked, stop using them and change services that currently use that password. You won’t be able to tell if both your password and your identity have been leaked together, but it’s clearly not worth the risk.
  2. Keep passwords separate, strong and regularly updated.
  3. Implement two-factor authentication where possible, and always double check the source of any correspondence you’re not expecting. Avoid SMS two-factor, use an app based solution.
  4. Use built-in protections already available to you; from anti-phishing capabilities to the spam filter provided by services such as Gmail.

The onus is on you to stay one step ahead of the hackers, as sadly the evidence suggests that many organisations we entrust with our data are incapable of doing the same.

PUBLISHED BY

Rahul Powar

30 Jan. 2019

SHARE ARTICLE:

Categories

Recent Posts

VIEW ALL
News

Winter wins: Red Sift OnDMARC wraps up 2024 as a G2 DMARC…

Francesca Rünger-Field

The season of giving has brought us another reason to celebrate! Red Sift OnDMARC continues its winning streak in G2’s Winter 2025 report, earning Leader status in the DMARC category for another consecutive season. This recognition reflects our strong market presence and the unwavering satisfaction of our customers. Cheers to wrapping up 2024 on…

Read more
AI

Text classification in the age of LLMs

Phong Nguyen

As natural language processing (NLP) advances, text classification remains a foundational task with applications in spam detection, sentiment analysis, topic categorization, and more. Traditionally, this task depended on rule-based systems and classical machine learning algorithms. However, the emergence of deep learning, transformer architectures, and Large Language Models (LLMs) has transformed text classification, allowing for…

Read more
Security

How to drive cybersecurity as a top business priority

Jack Lilley

Everyone has a role to play in protecting the enterprise. Whether you’re shaping strategy or implementing solutions, aligning efforts to mitigate critical risks ensures a stronger, more resilient enterprise. If you missed Red Sift’s recent webinar on “From Data to Buy-In: Driving Cybersecurity as a Top Business Priority” we’ve got you covered. The session…

Read more
DMARC

BreakSPF: How to mitigate the attack

Red Sift

BreakSPF is a newly identified attack framework that exploits misconfigurations in the Sender Policy Framework (SPF) a widely used email authentication protocol. A common misconfiguration involves overly permissive IP ranges, where SPF records allow large blocks of IP addresses to send emails on behalf of a domain. These ranges often include shared infrastructures like…

Read more