On Tuesday evening, researchers from Hold Security revealed a frightening discovery: A sophisticated Russian hacking syndicate had pulled off the largest theft of internet credentials in history.
The group, named CyberVor, has amassed an astounding 1.2 billion unique username and password combinations from 420,000 websites, in addition to 500 million unique email addresses.
Amazingly, this group had operated undetected for years, despite heightened awareness of cyber crime around the globe.
What’s more, Hold Security says there may not be any way to bring the hackers to justice. You see, Russia simply allows cyber terrorists to operate at will, and considers them outside the law.
The targets of this most recent data breach are widespread.
USA Today reports that confidential material was gathered from the auto industry, oil companies, consulting firms, car rental businesses, hotels, computer hardware and software firms, and the food industry.
And even though these individual pieces of data aren’t particularly useful by themselves (credit card and social security numbers are far more lucrative than passwords), they can be used in conjunction to build personal profiles.
As Bloomberg reports, the Russian hackers could use the information they’ve obtained to create fully realized profiles, which they could then sell on the black market or use to obtain fake drivers licenses or passports.
Woody Hartzog, an Assistant Professor at the Cumberland School of Law at Samford University, said, “There are just so many ways information can be used to an individual’s disadvantage, even if the likelihood of such uses is speculative.”
Can Cyber Security Keep Up?
The recent wave of cyber crime – especially coming from Russia and China – is a massive problem.
According to a poll conducted by Defense News, leaders in national security policy, the military, congressional staff, and the defense industry believe that cyber security is the top threat to our national security.
Even the FBI admits that cyber security is a massive problem.
Former FBI Director Robert Mueller said that although terrorism remains the FBI’s top priority, “in the not-too-distant future we anticipate that the cyber threat will pose the greatest threat to our country.”
Meanwhile, it’s no surprise that the most recent data breach came from Russia. According to the Committee on Science, Space, and Technology, the Russian cyber crime industry is the source of at least a third of all viruses, Trojans, and other malicious software or malware sent around the world.
The problem is that the country has a huge organized crime structure that’s deeply invested in hacking. And why not? Stolen information can be extremely valuable. For example, the black market price for the several million credit card accounts stolen from the Target breach was between $26.60 and $44.80 each.
Unfortunately, it’s extremely difficult for cyber security companies to keep up with this type of crime.
For starters, the Russian government is reluctant to bring hackers to justice, meaning they continue to operate with impunity even after breaches such as the CyberVor heist are discovered.
On top of that, sophisticated hackers can often find ways around even the most robust security solutions.
For its part, the U.S. government knows it’s facing an uphill battle… and it’s preparing to spend billions of dollars on cyber security in the coming months and years.
It remains to be seen, though, whether security experts can get a leg up on cyber criminals.
In Pursuit of the Truth,