Protecting Your Business From Hackers: The Russian Crime Ring

Russian hackers steal 1.2 billion user name and password combinations and over 500 million email addresses. Are you at risk?

August 18, 2014 by Alex Collins, IT Services Consultant

Russian Hackers Featured

On August 5, 2014, The New York Times reported that a Russian crime ring had accumulated the largest known collection of stolen Internet credentials. According to security researchers, this breach included 1.2 billion user name and password combinations and more than 500 million email addresses.

Discovered by Hold Security in Milwaukee, the records included confidential material gathered from over 420,000 websites. Hold Security is the organization that identified the hack last year at Adobe Systems.

Chief Information Security Officer Alex Holden of Hold Security said the hackers hit anywhere they could from Fortune 500 companies to small businesses. The organization has begun alerting victimized companies to the breaches, but has not yet been able to contact every website. Hold Security is also trying to come up with an online tool that would allow individuals to securely test for their information in the database.

The hacking ring is based in a small city in south central Russia, the region between Kazakhstan and Mongolia. The group includes less than 12 men in their twenties. They began with spamming in 2011, buying stolen databases of personal information on the black market. In April it is believed they partnered with another group that may have shared hacking techniques. Hold Security is continuing to investigate the organization and how far it reaches.

While breaches from groups like the Russian hackers are becoming more prevalent, there are steps a business can take to protect itself. Here are some quick suggestions on how to be better protected.

  1. Passwords: Don’t use the same password for all online accounts. Change them every few months and use a combination of uppercase and lowercase letters, numbers, and special characters. The more complex the password, the tougher it is to crack.

  2. Authentication: Two-step authentication is a solid way to increase protection. With two-step authentication, every time a user logs in on a new device, the user needs to respond to an additional message, usually a SMS message on the phone.

  3. Virus protection: Make sure virus protection is installed on all devices and is kept up to date. Virus protection is an important line of defense against worms, viruses, and other electronic invasions. It is important to remember that business protection is not a “set it and forget it” type of situation. Protection requires ongoing audits, reviews, and updates in order to keep a network in top shape and completely protected.

Seek help: If needed, consider bringing in an outside agency that specializes in developing and implementing customized security plans for businesses of any size. These organizations can look at a business’s security plan with a fresh eye and make sure all is being done to keep the business secure.

The All Covered Difference

All Covered is here to work with you to set up, configure and monitor your IT Security to prevent security risks like hackers. Our goal is to protect your company’s data and to ensure you have the ability to recover from a disaster or data loss event quickly and effectively. Contact us today at (866)446-1133 for more information or to schedule a consultation.