The report was based on recent findings from security firm Hold Security, and the Times described the breach as "the largest known collection of stolen Internet credentials."
Newer reports, however, are
skeptical of these claims. There are numerous details that Hold Security
has not disclosed, such as whether or not the stolen data was encrypted
(disguised as random characters for privacy purposes), which companies
and websites had been affected by the attack, and which countries the
information had been stolen from.
What's more, Hold is charging a $120 subscription to their services
in order to see whether or not you've been affected by the attack, as Forbes pointed out.
Joe Siegrist, CEO of password management platform LastPass,
said that this could make Hold Security's findings seem suspicious. The
fact that the firm is charging users a fee to see if their data has
been compromised could be a red flag, but it's difficult to be sure
without more information.
"It's just not how most people with breaches would react," he told
Business Insider. "If you have this kind of data you want to help people
and not kind of capitalize on them. It's definitely a little
suspicious."
The timing is also coincidental,
Siegrist said. Hacking experts and security researchers are currently
gathered at the Black Hat USA security conference in Las Vegas. Another
security conference called Def Con kicks off tomorrow too. It could be a
ploy to generate buzz at a time when cyber security is already in the
news.
"If he really does have all
these leaks, he should be letting other security researchers look at it
to help quantify what it is," Siegrist said.
There's one detail, however,
that may make the attack seem more massive than it might have been.
CyberVor is believed to have obtained these stolen credentials over an
extended period of time. As Hold Security writes in its explanation of the situation, which The Verge observed, the hacking ring gained data from other cyber criminals on the black market before spreading its own attacks.
This means the CyberVors could
have purchased some of those 1.2 billion credentials from other hackers,
so the collection of credentials may not have been entirely the result
of their attack.
Thus, it may not make sense
to directly compare this situation with the recent Target breach, in
which hackers from Eastern Europe stole 40 million credit card numbers,
as the Times does in its story.
Although there are a lot of
unanswered questions, here's a brief overview of what we do know about
the breach based on information from Hold Security:
- The gang is believed to have amassed more than 1.2 billion unique password and username combinations and more than 500,000 email addresses.
- The hacking ring is said to have robbed 420,000 websites to obtain this information.
- The hackers have targeted both small personal websites and large companies, but Hold wouldn't disclose the names of any victims.
- According to The New York Times, some big companies are aware that their records have been stolen.
- The hackers are using botnets to obtain this information. Botnets allow hackers to infect thousands and thousands of computers with software that lets them remotely control the victimized computers.
We've reached out to Hold Security to answer some of these questions. We'll update this article accordingly when we hear back.