One Billion records Leaked due to Cyber Attack

IBM X-Force reported the leak of personally identifiable information (PII) online in 2014.

According to IBM research team, cyber attackers are using sophisticated approaches for online attacks including DDoS and the use of malware. They steal valuable and sensitive information and use it as identity theft to financial account details. Since 2013, there has been a rise of 25 percent in leaked records, reaching a lurch one billion. Most of these records were stolen from USA.

cyber attack

A number of high-profile attacks have been found to take place over the year. JPMorgan, Sony and several companies have been the victim of cyber attacks and consequently sensitive data of customer and employee records, email and communications was leaked.

The trend of digital attacks has increased over the past years and is improbably to setback.

The company mentioned in its quarterly report, published on Monday, that the use of “designer vulns” is also increasing. These designer vulnerabilities are taking tips from branded exploit kits including Sweet Orange and Blackhole, and are now being identified in memorable ways — such as Heartbleed, Shellshock and FREAK.

Three distinctive themes have been discovered by IBM research team which infuence on the security landscape over 2014. The distributing of private content, such as uploading personal or explicit photos on cloud services was not managed with care which resulted in data theft due to weak passwords and slack policies on brute-force authentication.

The critical vulnerabilities in the foundations of operating systems, open-source libraries and content management software have also been disclosed, which has resulted in the exploitation of websites.  Lenovo’s Superfish debacle is the most recent case concerning this trend. The Chinese PC maker bundled Superfish uses advertisement support software on products shipped between September 2014 and February 2015 and the software was able to obstruct SSL and TLS website connections then use a third-party library to modify the Windows networking stack and install a new root Certificate Authority (CA), leaving the door open for exploit.

According to the security team, there is a lack of fundamental security knowledge and care which allows for violation of data privacy. End-user password use, failure to change default passwords and poor verification processes also contribute to weak security.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How to Install Kali Linux on VirtualBox [Windows Host] in 2020

Kali Linux is a Debian based Linux distribution, released on the 13th March 2013 as a complete rebuild of BackTrack Linux. It is one of...

Acunetix v13 Release Introduces Groundbreaking Innovations

The newest release of the Acunetix Web Vulnerability Scanner further improves performance and premieres best-of-breed technologies London, United Kingdom – February 5, 2019 – Acunetix,...

What is Ethical Hacking, how to be an Ethical Hacker

Hacking is the process of discovering vulnerabilities in a system and using these found vulnerabilities by gaining unauthorized access into the system to perform...

Basic steps to ensure security Online!

Security concerns are growing day by day due to the growing interconnectivity and technology. Drastic things can happen if you be a little careless...