2020-04-01 23:30:43

Cyber(in)Security - The false sense of security

Alerts of criminal attacks on sensitive company information have been increasingly frequent in the news around the world. But recent news involving LinkedIn, the largest business social network created more than 10 years ago, drew attention by showing that data theft can be seen as a profitable medium and long-term investment.

A hacker reported that he had access to network user data during the successful attack on the LinkedIn database carried out in 2012 and that he decided to sell the list of access passwords for 6.5 million users. The asking price is about $8,000.00. The company reported that it has opened an investigation and cannot confirm whether the information is authentic, nor whether the number of compromised accounts is correct.

But this cannot take the focus away from the main problem!

The first step also doesn't bring anything new. To keep their accounts safe, at least until the next attack, users must change their passwords. Many have already done this immediately after the information was disseminated.

And then that false and dangerous sense of security appears again. Static passwords are an object of desire for hackers, given their ease of cracking. It turns out that the 2012 data theft, like other similar ones, must be analyzed from the perspective of the medium and long term and the criminals' objectives. We are talking about a risk that is difficult to measure because many employees around the world use the same credentials, usernames and passwords from their jobs to access LinkedIn, generating a proliferation of risks throughout the business world.

“We have the false impression that we are protected when we surf the Internet and this change in behavior requires greater alertness”.