A report titled “From Exposure to Takeover” by the cyber security firm Digital Shadows Photon Research gives valuable insight into the real scale of stolen account logins. After 18 months of auditing, these were found to be circulating on the dark web amongst cybercriminals. The researchers investigated criminal forums and marketplaces and found that the number of stolen usernames and passwords in circulation has increased by 300% since 2018.
From Exposure to Takeover
At least 15 billion credentials are currently circulating on numerous hacker forums, providing cybercriminals with material for account takeover attacks and identity renting services. They stem from more than 100,000 data breaches, and over five billion of them are unique, with no repeated username-and-password pairs. The report warns that there is a “treasure trove of account details” accessible with stolen logins, including username and password pairs for online banking, social media accounts and music streaming services. That amounts to roughly two sets of account logins for every human being on earth.
“The sheer number of credentials available is staggering, and in just over the past one-and-a-half years, we’ve identified and alerted our customers to some 27 million credentials, which could directly affect them. Some of these exposed accounts can have (or have access to) incredibly sensitive information. Details exposed from one breach could be re-used to compromise accounts used elsewhere”, said Rick Holland, chief information security officer and VP of strategy at Digital Shadows.
What is striking is that most of the exposed credentials belonged to consumers rather than businesses, as one might typically expect. However, advertisements for corporate accounts that unlock critical systems are a common occurrence on such markets.
Commercial trading of data and the stolen login accounts
Credentials for non-financial services such as social media, streaming, cable, video games, VPN services, file sharing and adult sites were the cheapest, and cybercriminals reportedly give many of them away for free. Those offered for sale averaged $15.43, whereas more valuable credentials such as active bank account logins commanded a premium. Online banking and other financial services accounts, which make up about 25% of all advertisements for stolen login credentials, averaged $70.91 each. Prices can nevertheless spike to more than $500 for access to ‘high-profile accounts’.
The report further revealed that prices rose far more sharply for domain administrator accounts, which can provide access to internal business networks. Being so valuable to criminal hackers, these accounts were usually sold by auction, at prices ranging from around $3,139 to $120,000.
Measures that can be taken for better security
The most important and straightforward preventive measure is to use a different password for every single account, combined with some form of two-factor authentication (2FA); hardware-based authentication keys should be given priority here. A vast number of password management applications can help keep track of all these details securely.
Secondly, organizations should stay aware of, and ahead of, such criminals by tracking where the details of their employees and customers could be compromised. Most fundamentally, staying well-informed and rational is the critical factor in monitoring for any such database breach and taking the urgent steps that are required.
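As an added illustration of the advice above on rejecting reused, already-breached passwords (example code written for this page, not from the report or Digital Shadows), the following Python sketch checks a candidate password against a breach corpus with a k-anonymity range lookup, so the client reveals only the first five hex characters of its SHA-1 hash. The corpus, its counts and all function names are constructed for the example.

```python
import hashlib
from collections import defaultdict

# Constructed breach corpus: (password, times seen) pairs standing in for the
# credential dumps the report describes. Values are made up for this example.
CONSTRUCTED_BREACHED = [("password123", 4711), ("qwerty2018", 902), ("letmein!", 57)]


def sha1_upper(text: str) -> str:
    """Uppercase hex SHA-1, the hash form used by range-query breach APIs."""
    return hashlib.sha1(text.encode("utf-8")).hexdigest().upper()


# "Server" side: index hash suffixes by their 5-hex-char prefix (constructed).
_INDEX = defaultdict(dict)
for _pw, _count in CONSTRUCTED_BREACHED:
    _h = sha1_upper(_pw)
    _INDEX[_h[:5]][_h[5:]] = _count

SERVER_LOG = []  # records what the server actually learns: prefixes only


def range_query(prefix: str):
    """Return every (suffix, count) whose hash starts with the 5-char prefix."""
    if len(prefix) != 5 or any(c not in "0123456789ABCDEF" for c in prefix):
        raise ValueError("prefix must be 5 uppercase hex characters")
    SERVER_LOG.append(prefix)
    return sorted(_INDEX.get(prefix, {}).items())


def breach_count(password: str) -> int:
    """Client side: send only the prefix, match the suffix locally."""
    digest = sha1_upper(password)
    prefix, suffix = digest[:5], digest[5:]
    for candidate_suffix, count in range_query(prefix):
        if candidate_suffix == suffix:
            return count
    return 0  # not present in the corpus


def policy_check(password: str, min_len: int = 12):
    """Combine a length rule with the breach lookup; returns (ok, reasons)."""
    reasons = []
    if len(password) < min_len:
        reasons.append(f"shorter than {min_len} characters")
    seen = breach_count(password)
    if seen:
        reasons.append(f"seen {seen} times in breach corpus")
    return (not reasons, reasons)
```

Because only the prefix crosses the wire, a server log such as SERVER_LOG cannot recover which password was checked, which is the property a defender wants when screening user-chosen passwords.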