Hacker Reading Time: 3 minutes

For those of us who have a credit report, there’s a good chance that our sensitive personal information was exposed in a data breach at Equifax. They have since published steps to take to help protect information from being misused.

Although we are unlikely to know the full effects of the Equifax security breach any time soon, there are key actionable takeaways we can use to better protect ourselves from future security attacks.

1. Weak passwords matter

If you use weak passwords on any system, it makes the chances of it being coerced much higher. But people who use weak passwords also tend to use the same or similar passwords across multiple systems. If your password is “leadership”, then a hacker will check variants of that as well to see what other places you have used that password. Cyber attackers have built systems to automatically check obvious derivatives, adding numbers, and a symbol to the beginning or end are just the start. Using databases of known passwords allow them to quickly identify derivatives.

If you also use your corporate email address as your login name, then becoming an online copy of you is even easier. For example, if you use your corporate ID as a login for Linkedin, and that account is broken into, then the hacker can easily pretend to be you on Linkedin, speak to your clients, prospects and colleagues, and use this to socially engineer them into providing further private information.

Always use complex and/or long passwords to minimize this risk. Your IT department can help you force good password policy across your organization.

2. Pony Attacks

One of the ways that cyber attackers targeted Equifax customers was through the “pony” exploit. Pony malware is a Russian password stealer kit. It performs data exfiltration on the credentials of 90+ applications when it gains access to the machine. This type of malware can execute through a simple phishing attack or by a web application. Once the pony has its passwords, it deletes itself and becomes undetectable. There was also evidence of third-party application breaches, such as through LinkedIn, Dropbox, Forbes.com, Last.fm, and other hacktivism sets.

What this means is that malware was running on end users computers, and it stole their logins to multiple systems, including their login to Equifax. The only way to protect your users (and yourself) from malware infections is to run an Advanced Endpoint Protection (AEP) solution that both detects known malware and prevents infection from as yet unknown malware. Make sure all your endpoints are using an AEP solution that doesn’t just detect known malware, but also stops even unknown malware from infecting your systems.

3. The guidance of passwords issued by NIST have changed

Passwords are only one of many lines of defense, but it’s important to implement strong passwords using the best available practices. The National Institute of Standards and Technology (NIST) has published new guidance, and it’s worth noting. Here is the detail from NIST.

The guidance is this:

  • Use long passwords
  • Worry less about regularly changing them or using complex special character formats
  • Check passwords against list of commonly used ones,
  • Increase usability in creating and using passwords is more important than complexity.

I would encourage you to read the link above for full details, but the key thing is to make sure you and your users are aware that passwords  are just one link in the website security chain, and make use of advanced platforms for security monitoring and administration, such as the Comodo cWatch web and Comodo cWatch network platforms available for all sizes of business and enterprise. Your IT Department can ensure that good password policies are delivered across your organization.

A final word

As a final note, to keep informed about the evolution of malware around the globe, you can sign-up for the weekly Comodo Treat Intelligence Lab update at https://comodo.com/lab. It’s free and you will automatically receive a detailed weekly report on the spread of malware around the globe, plus when something important needs to be shared, we will also send you special reports.

What Is ITSM