In our November 12^th blog posts on Cyberbreach Remediation Costs, we said that in over 90% of corporate breaches, employee and client personal data is also stolen.

Two of the More Infamous Breach Headlines

November 16, 2022:  A hacker was selling the personal information of some 500 million WhatsApp users, from 84 countries, on the dark web. This cybercrook claimed to have up-to-date, personal details of 32 million users from the US, 11 million from the UK and 6 million from Germany, among others. It seems incredible that a hacker could gain access to so much valuable Intel.

Or it did until today.

Today, an article from CyberNews entitled “Mother of all breaches reveals 26 billion records: what we know so far”, sounded alarms around the world.

Its opening paragraph states: “The supermassive leak contains data from numerous previous breaches, comprising an astounding 12 terabytes of information, spanning over a mind-boggling 26 billion records. The leak, which contains LinkedIn, Twitter, Weibo, Tencent, and other platforms’ user data, is almost certainly the largest ever discovered.”

The article also talks about the millions of records that have been leaked from platforms you, your colleagues and other stakeholders likely use, including Twitter, LinkedIn, Adobe, Canva, Dropbox and many others.

Has something changed in terms of who is hacking and how?

When the Mother of All Breaches (MOAB), news broke, many wondered if something had changed in terms of cybercrime.

There’s no doubt that we are looking at a sea change in the way cybercrimes are perpetrated today. The hoodied hackers hiding in basements have morphed into well-organized and well-funded business owners – and hoodies have given way to Armani and Hugo Boss.

Cyber criminals are far more organized today than was the case even a couple of years ago.  Hacking, in one form or another, has become big business, not that it was not earlier on, but it is now structured that way, too.

One thing, we have seen the rise of Access Brokers. And access brokers similar to a real estate broker, except that instead of offering homes, these brokers are offering up confidential, proprietary corporate intel and individuals’ personal data.

Indeed, there has been a dramatic increase in the number of listings you will find on the dark web. By some estimations, 2023 saw a 200% increase over 2022, and things are continuing to escalate.

One the dark web you can find purveyors of new personas.

Perhaps you’d like to become a US citizen? For $4000 you can get a passport, driver’s licence, Social Security number and birth certificate that the seller claims to be bullet proof.

Don’t want to live in the US?

Then maybe you’d prefer to adopt the identify of a middle-age Canadian woman? All for the low price of $25 Canadian?  If identity theft, or creating fake IDs isn’t your  business model, and you simply want to earn some extra spending money, then there is a whole slew of options for you.

Among them, you can find vendors advertising credit cards for sale. For as little as $350 USD you can get 50 cards with credit limits from $1000 – $50,000, with available remaining credit, so the criminals can know how much they can charge on the card over the next day or so, without raising any red flags.

What’s scary is that anyone can get to a dot onion extension simply by downloading a TOR browser.

What can you do to protect your organisation?

Ensure that you…

• Protect your cloud, edge, network and endpoints – and invest in best in class solutions. This is definitely a situation where the old adage “Penny wise and pound foolish” most definitely applies.

• Establish /review your protocols and include the Principle of Least Privilege (PoLP) among your protocols. With PoLP, users s only have access to the specific resources, applications and data they need for the tasks they need to perform their specific roles in the company. Using this approach helps organisations reduce their attack surface and improve their security posture.

• Train your employees and do phishing and similar simulations from time to time.

• Hire a reputable third-party tech consulting firm to do a cybersecurity audit – and implement the recommendations, or at least have a plan for a phased-in approach, budget prohibits a full and immediate adoption of proposed solutions.

If you like more information, or would like help with your security assessment, please contact us at [email protected] or call us at 416.429.0796 or 1.877.238.9944 (toll free).