Industry Credentials on Dark Web
Monday, June 6, 2016 @ 04:06 PM gHale
There are over 5,000 login credentials from industries like oil and gas and pharmaceuticals that can allow hackers access to various sections of an IT network belonging to the world’s top 100 companies.
These login credentials, complete with usernames, email addresses, and cleartext passwords are on the Darkweb, various paste sites, underground hacking forums, or posted online through accidental exposures, such as screenshots or photos, said researchers at UK-based security firm Anomali.
Most of the time, the cause of these data breaches end up tracked back to employees reusing work email and password combinations for personal accounts, or the opposite, when they use personal credentials for work-related accounts.
With the rise in mega data breaches, more and more of these personal accounts, complete with plaintext passwords, along with usernames and emails, are reaching the Internet.
Anomali researchers said in April, 40 employees from 23 of these big-name companies had their corporate work credentials exposed after a UK-based football website suffered a compromise and its data dumped online.
Anomali said the credentials spread across all business verticals, but a large amount belonged to employees from the oil and gas industry, pharmaceuticals, consumer goods, banking, telecommunications, and military.
Anomali researchers also said for these top 100 companies, attackers also registered around 527 Web domains with very similar names to the company’s name or brands.
These domains are perfect to use in phishing emails or Web-based phishing forms, having the ability to fool users they might be on the company’s official website.
“Cyber crime is rising at an astonishing rate, and it’s now a board-level issue for businesses,” said Jamie Stone, vice president of EMEA of Anomali. “The results of the report should be a wake-up call for these organizations, highlighting just how vulnerable they are in ways they might not even have considered.”