Modern Day Pirates are After Your Passwords and are Selling Them on The Dark Web

Submitted by Daniel Gray on Wed, 08/ 14/ 19 - 11: 45 AM

Much like pirates of yesteryear, pirates today steal what's most important and sell it on the Dark Web. In the 17th century, pirates sailed the seven seas in search of ships to board and treasures to plunder. The Golden Age of Piracy only lasted from 1650 to 1730, and yet it was such a worldwide phenomenon that we still remember it today. Thousands of men and women turned to piracy because the timing was right for that enterprise to flourish. Precious metals, jewels, fabric, tobacco, cocoa, and rum shipped all around the world, and everyone wanted those commodities. A single ship carrying goods had very little protection from aggressive pirates. It took years for governments to build up their Navel fleets to combat these marauders.

Modern-day pirates are not so different. Today, they're sailing into the internet looking for ways to plunder your user information and sell it on the Dark Web. You can equate your business to that lone ship full of goods: out in the middle of nowhere, unprotected, and ripe for the taking. Understand that cyber pirates are searching the waters for businesses just like yours. Need an example? Let's look at a very large company who, you'd think, could afford some of the best cybersecurity available: Capital One Bank. They were recently hacked in a big way, and it's often even easier for these pirates to hack into smaller companies.

Capital One Breach

Between March and July of this year, one person collected stolen data from over 106 million customers. Capital One wasn't even aware that this massive breach was going on until they were notified on July 19th. The data stolen consisted of credit card numbers, bank account balances, credit history, and even home addresses. More alarming, however, is that they also stole customers' bank account numbers, Social Security numbers, and passwords.

After gaining access to the personal information, the hacker posted it to various sites and shopped around for potential buyers.  The information was posted online for about three months, which is more than enough time for cyber pirates to copy, compile and re-sell the stolen goods on the Dark Web.

Capital One estimates that this breach will cost them up to $150 million this year alone. But the real damage, as well as the costs, will impact the consumers who used Capital One and trusted the bank with their personal information.

What Happens After a Hack?  

After the pirates negotiate the sale of information on the Dark Web, what happens next? They begin plundering unprepared consumers, attempting to access password protected sites and databases. 80% of hacks are due to compromised usernames and passwords, and the number of hacks grows larger every year.

Personal passwords are among the most valuable pieces of information cyber criminals are looking for. After all, they can't withdraw money from your bank with just your account number. Most of us reuse the same passwords for multiple web sites, logins, and email accounts making matters worse. Gaining access to your stolen data, combined with your most common password, is like a pirate finding buried treasure!

Microsoft reports that they see over 10 million username/password pair attacks every day.

The Call to Piracy

During the Golden Age of Piracy, many skilled sailors and military personnel left their positions to pursue more lucrative careers as pirates. Overtaking and looting one cargo ship could earn a pirate more than what they used to make in a year. 

That situation is very similar today. Well-trained computer techs, engineers and even top-level employees are turning to hacking for easy money. In fact, the person who plundered the data from Capital One had high-level security clearance and compromised the firewall without Capital One noticing at all. You and your business are just like that lone ship waiting to be attacked. Consider yourself forewarned: these modern-day pirates are after your passwords... and so much more. 

What Can You Do?

Sooner or later these cyber pirates will find you and try to steal your information. You might not notice until your bank or credit card company calls after the damage is done. The best thing you can do is check the Dark Web to know if you're information is out there. Then, begin regularly monitoring for breaches.

In addition, train your employees on the dangers of these modern day pirates. Up to 95% of ALL cybersecurity breaches that hit small businesses are due to human error. You can avoid this with ongoing education.

Posted by Daniel Gray


LinkedIn

cyber security best practices, cyber security solutions, cybersecurity, small business cyber security