Craig Cooper is an Information Security and Business Risk Intelligence Professional at Gurucul. In this op-ed, he discusses his thoughts on passwords and how they are becoming irrelevant to hackers.
On December 5, researchers probed the dark web, looking for stolen, leaked or lost data, and they found a treasure trove.
I was expecting this might include credentials from the Equifax mega breach. While Equifax was not mentioned, this discovery represents the most robust dark web list of stolen credentials known to date, including records from over 250 breaches along with “special” functionality to find privileged access credentials. Just enter ‘admin’ and over 220,000 admin users come up. The resources available to hackers today are staggering, and continuing to grow. . .
Innovation in advanced security analytics is striving to keep up.
Aetna is on the bleeding edge with their adoption of emerging security solutions to address the outdated password problem with behavior-based security authentication. Yet, there’s still the status quo attitude of so many organizations to contend with.
The last sentence of the dark web article says it all. “The reality (is) that current IT processes are out of step with the threats of today.”
Unfortunately, being “out of step”, can, in reality, mean “out of the running” for some businesses today.