Wednesday 4 January 2017

A Russian criminal network steals more than 1,200 million passwords

The largest theft of Internet passwords so far. A network of Russian gangs dedicated to cybercrime has obtained more than 1,200 million user names with their corresponding passwords and some 500 million email addresses. Alex Holden, founder of Hold Security, a Milwaukee-based computer security firm, who discovered the security breach, explained to El País from Black Hat, the annual gathering in Las Vegas, that the stolen material belongs to 420,000 websites around the world.


The intrusion affects both small firms and large ones dedicated to providing Internet services. At the request of The New York Times, an expert unconnected to Hold Security has certified the authenticity of the data, with all the passwords and the relevant stolen databases.

The director of Hold Security is an old acquaintance in the world of computer security. A year ago he reported the theft of millions of passwords from Adobe, the company that makes web design programs and Photoshop.

With pay-per-use online programs and creations hosted in the cloud, the implications of these criminal acts are more significant. In the Adobe case, both credit card numbers and users' intellectual property were put at risk.

But in the new episode of sensitive data theft, unveiled on Wednesday, the alarm goes beyond anything known so far. Most of those affected are unaware that their data is in the hands of criminals, or have not yet done anything to fix it.

Holden intends to create a free tool so that those responsible for the attacked websites are the ones who verify the intrusion and can alert their customers. Not since the Heartbleed case, which arose from a programming error that left some pages vulnerable, has there been a breach of such magnitude.

Holden came to the United States in 1989 and has worked as a security consultant for four years. He has dedicated the past seven months to this case without expecting any compensation. "I know that after making it public, several conversations with the FBI await me, but that is natural. I just wanted to give notice and demonstrate my knowledge. Now I will cooperate to give peace of mind to users and business owners". This expert refuses to identify the affected companies, although he specifies that they are not only in the United States.

Jaime Blasco (Madrid, 1986), director of AlienVault, a security company based in San Francisco, explains how these password thieves operate: "They gather credentials for email, Twitter and social networking services and then explore their databases".

Ángel Prado, director of security for Salesforce's customer database management, offers some key points: "Although the plundering of passwords is not something extremely innovative, the number of stolen credentials is unprecedented. The modus operandi of these individuals is to find vulnerabilities in websites in an automated manner and extract sensitive information from different databases. Depending on how these credentials are stored (plain text or encrypted), and depending on the algorithm used where applicable, it will be more or less easy to recover the original passwords. Once that is done, they can validate them and test them on various high-profile sites (banks, email, e-commerce sites, etc.)".

What most worries Prado is the use that can be made of this data: "a group of this kind with access to 1.2 billion possible passwords will have the capacity to build algorithms and find long-term patterns, generating more refined methods of decryption".

Alberto García Illera, security expert, is now a colleague of Prado. In his opinion, such attacks "are not sophisticated, since the criminals do not even find the bugs themselves; rather, they feed on outdated systems or code developed by others. The problem is that no level of sophistication is required to be able to make use of this code and steal the data of millions of people. It's not something that will surprise technicians, but for people outside this world it draws a lot of attention."

In the United States, an attack similar to the one now uncovered cost the head of security of the Target supermarket chain the job. Blasco believes it may be the same group. "They are not only Russians, but different groups operating in the area. On the black market they are sold by weight; it is not too expensive, although I'd rather not give prices. In specialized forums, one million Gmail credentials are sold as a package".

This does not mean that Russia is free from attack. Holden himself, who has maintained communication with the group of cybercriminals, ruled out a connection between Putin's Government and the criminals, but does place them between Russia, Kazakhstan and Mongolia.

How to navigate safely
Blasco believes very little can be done in these situations. He recommends caution and adopting routines that make browsing safer: "A good measure is to change passwords every two weeks and not repeat them across different services. If one is stolen and they try it in more places, they will get hold of the information. It is common sense, but it is almost never avoided." Along the same lines, he urges users to try two-step authentication wherever it is offered: "Gmail already offers it. You enter the password with the keyboard, as normal, then an SMS arrives on your mobile with a temporary code that you must enter. To attack someone, they would have to take their password but also their phone, reducing the chances of a breach".

Prado laments the lack of protection for users and gives a similar recommendation: "You should avoid repeating passwords. At a minimum, several rings of security must be implemented: a dedicated and complex password for our personal email; another for electronic banking; one for online shopping; and others for different groups of common pages (blogs, online communities, etc.). That way, if a server or database is attacked through a security breach, our main identity will not be affected".

"Don't panic", insists Holden. "If the passwords have been changed as they should be, they may have expired". And he added one last tip: "Try not to give too much personal information on online sites".
