Memory like a goldphish? The problem with short-term approaches to cyber attacks

When we look back on 2018, it’s entirely possible that the year will be best remembered for the Facebook/Cambridge Analytica scandal, the first mass public awakening to the problem of data privacy.

In contrast, major data breaches suffered by Marriott International and Amazon many other major multinational businesses felt like a side-show. They may have generated headlines aplenty when the news first broke, but unlike the Facebook furor, they were never destined to endure in the public consciousness.

In fact, precious few breaches ever linger around the zeitgeist long enough to receive the public inquest they surely warrant. The businesses affected may lose a handful of disgruntled customers as they undertake their minimal obligations to notify and inform those whose details have been compromised, but the long-term damage is rarely significant.

This is ironic given that the wiliest cyber-criminals will be the ones who hold back from the temptation to immediately exploit the customer details they’ve pilfered. Think about it: in the immediate aftermath of a breach going public, companies, and customers, credit card firms and cybercrime agencies are all on red alert. The data is ‘hot’ – it’s the virtual equivalent of monitoring the airports and railway stations straight after a terrorist incident.

However, once the repercussions of the immediate damage – financial, legal, reputational – have passed, and each of the affected parties starts to let their guard down, we’ll see the shrewdest of hackers strike, not by causing another high-profile stir, but by seeking out the value of the personal or financial data gathered in the original breach.

As a consequence, we predict that 2019 will be the year of Zombie Phishing – the year in which ancient threats start coming back from the dead. Cybercriminals will exploit the vulnerabilities of individuals who have not heeded calls to change passwords or implement two-factor authentication, at least on some of their most important or vulnerable accounts. The value of harvested data doesn’t disappear once a breach has been uncovered; it takes customers proactively updating their information and security protections to mitigate the potential for exploitation further down the line.

Hence, over the next twelve months, we’ll see phishing phantoms re-emerging to target customers of a myriad global companies. Which hacker wouldn’t relish going back to the scene of the crime and exploiting the millions of existing customer profiles that they had stolen the previous year – adding to their haul of current data breaches?

Don’t believe us? Well, you can find out for yourself: head over to HaveIBeenPwnEd and check if your details – email addresses or passwords (because of course, you have dozens of unique passwords – one for every site you visit, right?!) – are already out in the wild. The sad truth is that practically everyone has had their details compromised at some stage in the past decade.

This is not an attempt to scaremonger. Indeed, zombie phishers are nothing to be afraid of, providing that you undertake the requisite due diligence to ensure that any details currently sat in hackers’ hands are consigned to the past tense. It may seem daunting, but start with our top tips and you’ll be well on your way to protecting your data:

  1. Check to see if your personal information is listed using a tool, such as HaveIBeenPwnEd. If your passwords show up as leaked, stop using them and change services that currently use that password. You won’t be able to tell if both your password and your identity have been leaked together, but it’s clearly not worth the risk.
  2. Keep passwords separate, strong and regularly updated.
  3. Implement two-factor authentication where possible, and always double check the source of any correspondence you’re not expecting. Avoid SMS two-factor, use an app based solution.
  4. Use built-in protections already available to you; from anti-phishing capabilities to the spam filter provided by services such as Gmail.

The onus is on you to stay one step ahead of the hackers, as sadly the evidence suggests that many organisations we entrust with our data are incapable of doing the same.

PUBLISHED BY

Rahul Powar

30 Jan. 2019

SHARE ARTICLE:

Categories

Recent Posts

VIEW ALL
News

Introducing DNS Guardian: Stop impersonation and spam caused by domain takeovers 

Rahul Powar

tl;dr: We’re thrilled to announce DNS Guardian — a new feature in Red Sift OnDMARC that can swiftly identify and stop domain takeovers that lead to malicious mail. Back in February, we shared updates with the community about SubdoMailing – an attack discovered by Guardio Labs. The attack was a form of subdomain takeover,…

Read more
Security

Navigating the Information Security Landscape: ISO 27001 vs. SOC 2

Red Sift

As cyber threats evolve, so do the standards and frameworks designed to combat them. Two of the most recognized standards in information security are ISO 27001 and SOC 2. What sets them apart, and which one is right for your organization? Let’s delve into the key differences. Purpose and Scope: Global Framework vs. Client-Centric…

Read more
News

G2 Summer 2024 Report: Red Sift OnDMARC’s Winning Streak Continues

Francesca Rünger-Field

We’re delighted to announce that Red Sift OnDMARC has again been named a Leader in G2’s DMARC category for Summer 2024. This recognition is based on our high Customer Satisfaction scores and strong market presence. Red Sift appeared in 11 reports – 5 new ones since Spring 2024! – earning 5 badges: A few…

Read more
News

Google will no longer trust Entrust certificates from October 2024

Red Sift

Tl;dr: Google has announced that as of October 31, 2024, Chrome will no longer trust certificates signed by Entrust root certificates. While there is no immediate impact on existing certificates or those issued before 31st October 2024, organizations should start reviewing their estate now. On Thursday 27th June 2024, Google announced that it had…

Read more
News

Understanding the polyfill.io domain attack

Francesca Rünger-Field

tl;dr: The recent compromise of the polyfill.io domain has triggered a broad-reaching web supply chain attack, impacting over 100,000 websites across various sectors including finance, healthcare, non-profits, academia, and more. To ensure the security of your website, we strongly advise you immediately remove any reference to polyfill.io. Latest update: 27th June 2024 Sansec, a…

Read more