By Claire Umeda, Vice President, 4iQ
COVID-19 has introduced a host of issues that continue to upend our sense of normalcy. Although it may be the least of many people’s worries, the world of cybersecurity continues to see a significant increase in cyber-attacks on hospitals and phishing attempts on the general public stemming from the pandemic. In order to prevent exploitative cybercriminals from causing further damage to our personal privacy and our enterprise security during this vulnerable time, it is important that we understand how these threat actors operate. A good place to start is to examine recent trends in their activity as a way to anticipate future problems that may arise.
Recently, my firm, 4iQ, published its annual Identity Breach Report, which offers a unique perspective on cybersecurity trends from the past year. The biggest takeaway was that exposed identity information – coming from breaches and leaks found in open sources on the surface, social and dark web – has become more intimate, which is fueling a wave of identity-based attacks around the world.
In 2019, there was a 10% increase in emails and passwords contained in data breaches compared to the year prior, and a 14% increase in personally identifiable information (PII). Cybercriminals are increasingly re-releasing big combo breach packages containing aggregated emails or usernames and associated clear-text passwords and combining them with data from newer, large-scale breaches. Our exposed credentials continue to recirculate, making the data even more accessible for identity-based attacks such as account takeover and Business Email Compromise. For example, in January 2019, the combo package “Sanixer Collections” included 1.8 billion usernames and clear-text passwords. If you think that was a lot, just a few months later, in May 2019, 3 billion identity records were dumped by XSS.IS.
The bottom line is that threat actors can compile all this exfiltrated information to create blueprints of our digital identities. They can then weaponize these blueprints to perpetrate more severe crimes, leading to irreparable financial and reputational losses.
With all of this PII already circulating online, people may feel powerless when it comes to breaches. However, one thing everyone can do to make that data obsolete, and to prevent previously breached credentials from coming back to haunt them, is to update passwords post-breach. For all accounts, make sure you create unique, complex passwords.
Another notable finding from our report is that the number of new, exposed identity records is growing steadily as well. 4iQ observed 4.2 billion new, authentic identity records last year, amounting to a 16.6% increase from 2018. Government breaches are also increasing year over year – our team validated 3,867 government breaches that exposed over 356 million records. Government breaches are especially dangerous because they can compromise both account details and character. For instance, if a nation-state or cybercrime group found out that a high-ranking government official frequented a questionable website, this could lead to blackmail and ultimately larger risks.
Government breaches are of particular concern currently for the U.S., given that the 2020 presidential election is just months away and that our report found the U.S. faced the largest number of attacks of any nation last year. Further, we found that exposed identities in the U.S. represented 28% of all curated records detected in breaches in 2019.
Given the increase in breaches and identity records shown in our report, it’s an unfortunate truth that your personal information is most likely circulating in underground communities. The prices for identity data vary per record, but our findings indicate that average prices for Social Security numbers are roughly $67, passports sell for $53.25 and drivers’ licenses are $48.
Especially as we navigate these uncertain times, it is important to remain vigilant for suspicious cyber activity. If you receive an unusual, unsolicited email asking you to click an attachment or link or send financial information through your work email, promptly notify your company’s IT team.
The world of cybersecurity is constantly evolving, so it’s important that we keep pace with these new cyber threats. It’s never a bad idea to brush up on cyber best practices – credible organizations such as the FBI offer free resources online – or strengthen your password hygiene. Taking the necessary precautions today can go a long way to mitigate future cyber threats.