Hackers could impersonate legitimate users to gain access to organisational assets
Picture used for representational purpose. (Photo: PTI/File)
Chennai: With a Russian group reportedly hacking 1.2 billion usernames and passwords belonging to over 500 million email addresses, cyber experts feel that the hackers could impersonate legitimate users to gain access to organisational assets and confidential information to create havoc.
Andrey Dulkin, senior director of cyber innovation at CyberArk, an Israel based company focused on eliminating advanced cyber threats, says that the theft would result in three main threats - personal and sensitive information put at risk and could be used by criminals. The lost credentials could result in identity theft, and potentially the most significant for businesses, attackers could impersonate legitimate users to gain access to organisational assets and confidential information.
"Data breach incidents will no doubt continue to occur and their potentially severe consequences will only be mitigated by organisations tackling password security head-on. This can be achieved by identifying all privileged users and accounts, while managing and monitoring access and activity," he added.
Terming this attack 'tip of the iceberg', J. Prasanna, founder-trustee, Cyber Security & Privacy Foundation (CSPF), says that Russian hackers could perpetrate much larger attacks in the future. "Indian companies think if they get ISO 27001 certification they are technically sound and nobody can intrude into their network. On the contrary, ISO is a certification for the process not technology," he said.
Pointing out that companies could offer bounty programmes to hackers to identify vulnerabilities in their portal, Prasanna said that several social networking websites do it to plug the loopholes in their website.
"In the recent past several social networking sites got compromised and then conducted an audit closed all the leak points," he said.
( Source : dc )
Next Story
