Today’s “massive” password breach: a Webroot perspective

by

Share this news now.

Computer Password Security

First, this is not a blog about a big corporate breach, or a massive new discovery.  Rather, the researchers at Trustwave gained access to a botnet controller interface (the C&C element of a botnet) known as Pony and revealed the data within. Not surprisingly, as the vast majority of botnets target user credentials, this controller had a good deal of data related to passwords. While 2 million passwords might seem like a lot, it is really a drop in the bucket compared to many recent breaches. Think about Adobe who lost a minimum of 28 million, but is rumored to be closer to 130 million, login credentials to their services. Combine this with  the fact that many people use the same password for all online accounts.

Webroot SecureAnywhere users are protected against botnet and keylogging malware in a number of ways. First, we have great visibility into the threats our users are encountering and in the vast majority of cases are able to instantly identify malicious software, including those which record keystrokes – even commercially available keyloggers. Second, we have layered technology which looks to neutralize applications which aim to record keystrokes or screenshots. Webroot’s Identity Shield looks at over 2 dozen specific tactics used by these applications and prevents data collection from unknown applications.

While the Trustwave blog is interesting from a password strength perspective, as many passwords recorded were very weak, it isn’t groundbreaking news, or even the largest discovery of its kind. What it is, is confirmation that this type of information is highly valuable and that cybercriminals are using all tools available to compromise online user accounts. It is also a good reminder that using a strong password policy, even for your personal accounts, is a good way to improve your security. After all, a compromised password can be fixed by resetting your password.

Read the CNN article on Trustwave’s discovery here: http://money.cnn.com/2013/12/04/technology/security/passwords-stolen/


Share this news now.
Today’s “massive” password breach: a Webroot perspective by

Tags:



About the Author

Name: Grayson Milbourne
Role: Threat Team Member

Share this news now.

Grayson Milbourne is the Security Intelligence Director for Internet security company Webroot. Over the past nine years Milbourne has worked in various areas of the company, spending the past seven years focused on threat analysis. His areas of security intelligence expertise range from mobile to reversing to automation to cloud security. Grayson is also an avid participant in the security community and drives awareness of current threats by speaking at major events such as RSA and Virus Bulletin. Most recently, Grayson has been focusing on the growth of mobile malware and the risks associated with BYOD. Additionally, he writes and provides technical review for the Webroot blog.


Share this news now.
Today’s “massive” password breach: a Webroot perspective by