Memory like a goldphish? The problem with short-term approaches to cyber attacks

When we look back on 2018, it’s entirely possible that the year will be best remembered for the Facebook/Cambridge Analytica scandal, the first mass public awakening to the problem of data privacy.

In contrast, major data breaches suffered by Marriott International and Amazon many other major multinational businesses felt like a side-show. They may have generated headlines aplenty when the news first broke, but unlike the Facebook furor, they were never destined to endure in the public consciousness.

In fact, precious few breaches ever linger around the zeitgeist long enough to receive the public inquest they surely warrant. The businesses affected may lose a handful of disgruntled customers as they undertake their minimal obligations to notify and inform those whose details have been compromised, but the long-term damage is rarely significant.

This is ironic given that the wiliest cyber-criminals will be the ones who hold back from the temptation to immediately exploit the customer details they’ve pilfered. Think about it: in the immediate aftermath of a breach going public, companies, and customers, credit card firms and cybercrime agencies are all on red alert. The data is ‘hot’ – it’s the virtual equivalent of monitoring the airports and railway stations straight after a terrorist incident.

However, once the repercussions of the immediate damage – financial, legal, reputational – have passed, and each of the affected parties starts to let their guard down, we’ll see the shrewdest of hackers strike, not by causing another high-profile stir, but by seeking out the value of the personal or financial data gathered in the original breach.

As a consequence, we predict that 2019 will be the year of Zombie Phishing – the year in which ancient threats start coming back from the dead. Cybercriminals will exploit the vulnerabilities of individuals who have not heeded calls to change passwords or implement two-factor authentication, at least on some of their most important or vulnerable accounts. The value of harvested data doesn’t disappear once a breach has been uncovered; it takes customers proactively updating their information and security protections to mitigate the potential for exploitation further down the line.

Hence, over the next twelve months, we’ll see phishing phantoms re-emerging to target customers of a myriad global companies. Which hacker wouldn’t relish going back to the scene of the crime and exploiting the millions of existing customer profiles that they had stolen the previous year – adding to their haul of current data breaches?

Don’t believe us? Well, you can find out for yourself: head over to HaveIBeenPwnEd and check if your details – email addresses or passwords (because of course, you have dozens of unique passwords – one for every site you visit, right?!) – are already out in the wild. The sad truth is that practically everyone has had their details compromised at some stage in the past decade.

This is not an attempt to scaremonger. Indeed, zombie phishers are nothing to be afraid of, providing that you undertake the requisite due diligence to ensure that any details currently sat in hackers’ hands are consigned to the past tense. It may seem daunting, but start with our top tips and you’ll be well on your way to protecting your data:

  1. Check to see if your personal information is listed using a tool, such as HaveIBeenPwnEd. If your passwords show up as leaked, stop using them and change services that currently use that password. You won’t be able to tell if both your password and your identity have been leaked together, but it’s clearly not worth the risk.
  2. Keep passwords separate, strong and regularly updated.
  3. Implement two-factor authentication where possible, and always double check the source of any correspondence you’re not expecting. Avoid SMS two-factor, use an app based solution.
  4. Use built-in protections already available to you; from anti-phishing capabilities to the spam filter provided by services such as Gmail.

The onus is on you to stay one step ahead of the hackers, as sadly the evidence suggests that many organisations we entrust with our data are incapable of doing the same.

PUBLISHED BY

Rahul Powar

30 Jan. 2019

SHARE ARTICLE:

Categories

Recent Posts

VIEW ALL
News

Introducing DNS Guardian: Stop impersonation and spam caused by domain takeovers 

Rahul Powar

tl;dr: We’re thrilled to announce DNS Guardian — a new feature in Red Sift OnDMARC that can swiftly identify and stop domain takeovers that lead to malicious mail. Back in February, we shared updates with the community about SubdoMailing – an attack discovered by Guardio Labs. The attack was a form of subdomain takeover,…

Read more
News

Meet Red Sift Radar: The Skilled Up LLM That Finds and Fixes…

Rahul Powar

After months of beta testing and feedback, we are excited to announce that Red Sift Radar, our skilled up LLM offering seamless integration with Red Sift OnDMARC, is now commercially available.  With Red Sift Radar, security teams can detect exposures, prevent configuration drift, and classify assets or suspicious activity without adding additional headcount. By…

Read more
News

G2 Fall 2024 Report: Red Sift OnDMARC Wins Big

Francesca Rünger-Field

We’re delighted to share that Red Sift OnDMARC’s winning streak continues. This Fall, we’ve once again been named a Leader in G2’s DMARC category, achieving recognition in both the overall Leader category and Europe for the first time. This recognition is based on our high Customer Satisfaction scores and strong market presence. Red Sift…

Read more
Cybersecurity

Resilience Rising | Episode 3 with Kevin White

Red Sift

In this episode of Resilience Rising, Sean Costigan, Managing Director of Resilience Strategy at Red Sift, and Kevin White, Senior Operation Consultant with Enhanced Information Solutions, explore the critical intersection of wastewater management and cybersecurity.  The two highlight the health and operational impacts of cyber threats on water utilities, emphasizing the vulnerabilities due to…

Read more
Certificates

Your guide to PCI DSS 4.0 Cryptographic Requirements

Rebecca Warren

The Payment Card Industry Data Security Standard (PCI DSS) is a globally recognized framework designed to protect cardholder data during processing, storage, and transmission by merchants and service providers. PCI DSS outlines a set of stringent security controls that organizations handling payment card information must implement to mitigate the risk of data breaches and…

Read more