The Era of Accidental Breaches
The former 6th Director of the FBI wasn’t just speaking in hyperbole. He was spot on, and we see it everyday.
Our team continuously scans the deep and dark web indexing known and unknown breaches. This allows us to alert clients when their sensitive information — credentials, documents, intellectual property — are exposed. Time is of the essence. The sooner organizations and individuals know about the breach, change credentials, and lockdown networks, the less damage occurs.
Consider this: Recently, the Federal Trade Commission posted a database of fake consumer data on a site frequently visited by hackers. It took criminals a mere nine minutes to access it. And there were 1,200 attempts to use it to pay for food, clothing, games, online dating memberships and who-knows-what.
Not all of the information available on the dark web starts out as stolen. Incredibly, much of it is exposed by accident — misconfigured server settings, unsecured backups and other accidents. The amount of information released this way is growing rapidly, in part due to the increasing number of cloud infrastructures. But whether the information is out there due to crooks or carelessness doesn’t matter much. If it isn’t secured quickly, it will be used for ill intent.
Everyday, we uncover countless instances of intentionally and unintentionally exposed information that the owners/victims are often unaware of and, consequently, are unable to do anything about.
Here are just a few recent examples of our findings:
- Unbeknownst to an Indian shipping company, 300,000 of its documents (photos of shipping containers before they were filled and after, the bill of lading, government documents, etc.) were recently on the dark web, exposed for anyone to see.
In the hands of competitors or crooks, the documents could cause significant damage to the company and its customers.
- Detailed information about visitors to three residential buildings in a Korean city were exposed on the dark web, likely by accident. The information, captured by IoT video intercoms, included photos of the guests, date and time of entry, the apartment they were visiting and other information.
- Highly detailed architectural plans for a major new shopping center in Malaysia were left unprotected. The plans included emergency exits, detailed information about utilities and other information which could put property and people at risk.
- Regrettably, exposed health records are all too common on the dark web. However, we found records from a Chinese hospital system that included startling levels of detail, such as email addresses, x-rays and other scans, and other highly personal information.
So what is the point?
When an organization’s information is exposed on the dark web, the circle of people and organizations that are threatened is enormous. The example of exposed health records above included more than 25 GB of highly private information on tens of thousands of people who had no idea.
The large scale breaches that are reported in the news — Adobe, Yahoo, Dropbox — involve “basic” information, such as usernames, passwords, and credit card details. The examples above, however, highlight how lesser-known incidents involve layers of information that can be more revealing and potentially dangerous. This is the type of data 4iQ specializes in, and when we find it, we inform the owner.
Companies need to do a better job of either preventing their information from getting into the wild, or having an early warning system that enables them to secure their networks as soon as it does.
So Robert Mueller was right. Companies have either been hacked or they just don’t know about it yet. And while it’s still difficult to prevent 100% of hacks, it’s no longer acceptable to not know about it.
4iQ protects companies and individuals by monitoring the Deep and Dark Web for stolen credentials, leaked personal information and confidential documents. We then alert individuals and organizations in real-time if and when information has been compromised.