Mind the hackers:

Financial losses are reaching billions of dollars, and about 30-40% of attacks are conducted by schoolkids of 14–16 years.

By Angelina Liparteliani, Marketing Assistant for PixelPin Ltd

Source: Wikimedia Commons

As it was estimated by World Economic Forum, the cost of dealing with cyber-attacks and other types of data breaches reached trillions of dollars in 2017 and just in few years will hit $8 trillion. Experts say that cybercrime is in top 3 of the most dangerous global risks, after extreme weather conditions and natural disasters. Moreover, companies tend to hide 80% of breaches intentionally and only 20% of them become public.

The big problem is that modern hackers are not individuals but big hacking groups. For example, Carbanak is a hacking group that was discovered in 2014 by UK/Russian Cyber Crime company Kaspersky Lab. The group specialised in stealing money from banks using phishing emails. Carbanak was responsible for stealing over 900 million dollars from banks in countries such as USA, Russia, Japan and Switzerland– 100 banks in total from 30 countries.

Hackers affect personal lives of people

In 2015, a group ‘The Impact Team’ stole user data from a commercial website called ‘Ashley Maddison’. Under the slogan “Life is short. Have an affair”, the company, Ashley Maddison, helped people to cheat on their spouses. The Impact Team claimed that they managed to steal logins, passwords, addresses, real names and credit card numbers of more than 37 million users of the website. They then threatened to make the data public if Ashley Maddison continued to operate. Ashley Maddison did not agree to accept the offer so the stolen data was released on the dark web. This meant that anyone with access to a dark web browser could access to other people’s personal information and check to see if the name of their spouse was on the list.

Consequences

Users filed a group lawsuit worth $567 million against the owners of the affairs website. Ashley Maddison agreed to pay about $11.2 million to users who suffered from the breach. However, what did this amount mean to the users? Some of them lost their spouses and children, some even committed suicide as a result.

The breach has allowed us to analyse the passwords of the leaked users. After analysing, it was discovered the passwords were very weak, despite the fact they’re meant to protect people’s personal secrets and wellbeing of their families:

We found that:

120 thousand users had the password “123456”;

48 thousand used the password “12345”;

40 thousand used “password”;

34 thousand had “DEFAULT”;

26 thousand used “123456789”;

20 thousand used “qwerty”.

Nearly 5 million users had only lowercase letters in their passwords, 4.5 million had only lowercase and a number and only 93 thousand included special character.

This shows that people are more likely to ignore the security of their online data themselves and tend to trust that service provider will care of their information for them. Should it mean to businesses that the time to illuminate weak 123456 passwords has already come?

In order not to miss the second part of the article, where we will share the most useful tips how to protect your user data and how to keep your web server secure follow our blog on medium.