One Billion records Leaked due to Cyber Attack

IBM X-Force reported the leak of personally identifiable information (PII) online in 2014.

According to IBM research team, cyber attackers are using sophisticated approaches for online attacks including DDoS and the use of malware. They steal valuable and sensitive information and use it as identity theft to financial account details. Since 2013, there has been a rise of 25 percent in leaked records, reaching a lurch one billion. Most of these records were stolen from USA.

cyber attack

A number of high-profile attacks have been found to take place over the year. JPMorgan, Sony and several companies have been the victim of cyber attacks and consequently sensitive data of customer and employee records, email and communications was leaked.

The trend of digital attacks has increased over the past years and is improbably to setback.

The company mentioned in its quarterly report, published on Monday, that the use of “designer vulns” is also increasing. These designer vulnerabilities are taking tips from branded exploit kits including Sweet Orange and Blackhole, and are now being identified in memorable ways — such as Heartbleed, Shellshock and FREAK.

Three distinctive themes have been discovered by IBM research team which infuence on the security landscape over 2014. The distributing of private content, such as uploading personal or explicit photos on cloud services was not managed with care which resulted in data theft due to weak passwords and slack policies on brute-force authentication.

The critical vulnerabilities in the foundations of operating systems, open-source libraries and content management software have also been disclosed, which has resulted in the exploitation of websites.  Lenovo’s Superfish debacle is the most recent case concerning this trend. The Chinese PC maker bundled Superfish uses advertisement support software on products shipped between September 2014 and February 2015 and the software was able to obstruct SSL and TLS website connections then use a third-party library to modify the Windows networking stack and install a new root Certificate Authority (CA), leaving the door open for exploit.

According to the security team, there is a lack of fundamental security knowledge and care which allows for violation of data privacy. End-user password use, failure to change default passwords and poor verification processes also contribute to weak security.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How To Create A Virtual Penetration Testing Lab At Home

In this article, I will demonstrate how to create your own virtual penetration testing lab at home. Creating a pentesting lab is must for...

The Importance of Cyber Security in The Medical Device Industry

Medical devices are a revolutionary aspect of healthcare - they connect doctors and patients, help diagnose and treat diseases. Some - like ECMO machines...

Top 5 Techniques Hackers Use to hack Social Media Accounts

These days, Social Media have become a significant need in our everyday life. It encourages us to associate and connect with anyone over the...

5 Top Programming Languages for Hacking

We live in the 21st century, which is very fast-changing. This is a century of competition for information and computing resources. Every year the...