Categories: Uncategorized

Why Do Hackers Keep Stealing The Same Consumer Data? Credential stuffing method.

At a recent lunch meeting of Wall Street investors, the topic of the day was cybersecurity.  A few of the people in the room had invested in new security technologies, but most were more interested in the inability to slow or stop the attacks that make it into the media.

Wall Street Investor Meeting

The Equifax and Marriott breaches – two of the most recent high profile cyberattacks – were still fresh memories and had personally impacted every person in the room. It didn’t take long for the group accustomed to picking apart the business models of companies to get around to a discussion of how do hackers make money and why do they steal the same data over and over again?

Breaches from which everyone suffered

This group was no doubt reflective of most executives who lead companies – small and large. They don’t think of hackers has highly organized, sophisticated businesses that operate globally. They are.

IT leaders know their adversaries may be associated with organized crime with a profit motive or they may be affiliated (if not part of) a Nation-State that is more interested in confidential information or disruption.  There is big money in all three endeavors along with significant risks – and the Wall Street group quickly grasped that concept.

But, the jaws dropped when they told the reason behind the repeated attacks: Not your credit or debit card data (although those have value), but your personal information plus passwords. With that simple information that just about every company keeps, attackers can wreak havoc using automated tools.

The easiest type of cyberattack

One of the most simple and prevalent attack vectors is “credential stuffing.” Using simple programs that don’t require much technical skill, a hacker can load entire lists of contact information and passwords obtained from a data breach to seek and access other accounts with the same credentials. Since most people use the same password for multiple accounts, the odds are in a hacker’s favor they will find online banking, credit card accounts, or business information that can be exploited.

Use a credential stuffing attack to access a business account, and a hacker can find their way from one company’s system to another, extracting valuable data as they go. It’s that last part that keeps hackers coming back for more.  People change their passwords, so a password file with updates becomes valuable. People move, so an address file becomes valuable. And so on. More data means more attacks. More attacks translate into more data to sell.

Small and medium businesses are the least prepared and most vulnerable to these type of attacks for the same reasons the Wall Street group was surprised at the real motivation of hackers.  SMBs don’t think they are big enough or their information is not valuable enough to make them a target, according to the National Small Business Association.

Nothing could be further from the truth.

 

 

Ron Samson

Recent Posts

NOC vs SOC: How to Choose the Best Option for Your IT Infrastructure

In today's digitized world, the protection of a business's IT infrastructure has become more crucial…

2 weeks ago

SIEM and SOC: Key Differences and Why You Need Both

As cybersecurity threats grow more complex, organizations are turning to advanced solutions to protect their…

2 weeks ago

SIEM vs EDR: A Comprehensive Guide to Their Strengths and Uses

In the world of cybersecurity, two powerful tools frequently come up in discussions around threat…

3 weeks ago

SIEM Security Tool vs. Traditional Monitoring: What’s the Difference?

In the ever-evolving cybersecurity landscape, businesses are increasingly looking for ways to protect their data…

4 weeks ago

Choosing the Right Managed SIEM Solutions for Your Organization

In an increasingly digital world, businesses must be able to monitor, detect, and respond to…

4 weeks ago

What Does EDR Stand For in Threat Management?

In today’s digital world, security is a priority for every business, regardless of size. Cyber…

1 month ago