Our Views:
A selection of issues relevant to Forensic and Cyber Security matters during the last month. This month’s theme is “Password Security”.
Compromised Passwords
In 2012, around 164 million LinkedIn passwords were compromised. The critical risk to the many LinkedIn users was not that their online ‘CV’ would be altered, but whether they had used the same login and password on other accounts such as webmail. LinkedIn sent an email shortly afterwards to affected users urging them to change any shared passwords. Passwords from such breaches continue to appear in fake emails, such as the recent ‘webcam’ scam, where the subject line contains a password that the recipient probably used at some point. The sender claims to have used that password to hack the recipient’s computer, install malware, and record video of the recipient through the webcam. The attackers say they will reveal adult-website habits and send the video to contacts unless they are paid around $1,000 NZD in bitcoin.
More recently, in January, media reported that at least nine New Zealand websites were caught up in one of the biggest password security breaches of all time. The breach, known as ‘Collection #1’, contains 772,904,991 compromised accounts. We recommend checking whether any of your organisation’s email addresses have been compromised in this or any other breach by running a search at https://haveibeenpwned.com.
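The website above also exposes a Pwned Passwords "range" API that lets you test whether a password appears in known breach corpora without ever sending the password, or even its full hash, to the service: only the first five characters of the password's SHA-1 hash are sent, and the match is made locally. The following is an added example (not code from the bulletin or from Have I Been Pwned); the endpoint URL is the service's public one, while the leaked-password table and the counts are constructed so the check can be run offline.

```python
import hashlib
import urllib.request
from typing import Callable, Dict

RANGE_URL = "https://api.pwnedpasswords.com/range/"  # public, key-free endpoint


def sha1_hex_upper(password: str) -> str:
    """SHA-1 of the password, upper-case hex, as the range API expects."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def fetch_range(prefix: str) -> str:
    """Live lookup: returns 'SUFFIX:COUNT' lines for a 5-char hash prefix (network)."""
    req = urllib.request.Request(RANGE_URL + prefix, headers={"User-Agent": "bulletin-example"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


def parse_range(body: str) -> Dict[str, int]:
    """Parse the response body into {hash suffix: breach count}; blank lines are skipped."""
    counts: Dict[str, int] = {}
    for line in body.splitlines():
        line = line.strip()
        if not line or ":" not in line:
            continue
        suffix, count = line.split(":", 1)
        counts[suffix.upper()] = int(count)
    return counts


def pwned_count(password: str, fetcher: Callable[[str], str] = fetch_range) -> int:
    """Number of times the password was seen in breaches (0 = not found).

    Only the 5-char prefix leaves the machine; the 35-char suffix is compared locally.
    """
    digest = sha1_hex_upper(password)
    prefix, suffix = digest[:5], digest[5:]
    return parse_range(fetcher(prefix)).get(suffix, 0)


def fake_range_service(leaked: Dict[str, int]) -> Callable[[str], str]:
    """Offline stand-in for the API, built from a constructed table of leaked passwords."""
    table: Dict[str, list] = {}
    for pw, n in leaked.items():
        d = sha1_hex_upper(pw)
        table.setdefault(d[:5], []).append(f"{d[5:]}:{n}")
    return lambda prefix: "\r\n".join(table.get(prefix.upper(), []))


# Constructed sample data, not real breach counts.
CONSTRUCTED_LEAKS = {"password123": 123456, "Summer2012!": 42}

if __name__ == "__main__":
    service = fake_range_service(CONSTRUCTED_LEAKS)
    for candidate in ("password123", "correct horse battery staple xyz"):
        print(candidate, "->", pwned_count(candidate, service))
```

Swap the fake service for the default `fetch_range` to query the live endpoint; a non-zero count means the password should never be reused anywhere.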
Password Managers
Passwords should be protected against compromise using appropriate tools and policies. One tool is a password manager, which is a secure storage location for all your different passwords. A password manager protects its contents by using a “master” password which should obviously be very strong. A good password manager can also generate secure passwords for you.
A password manager can either be installed locally on your computer, or you can access the information from a cloud-based manager. Locally stored password managers should be backed up regularly in case of corruption. Cloud-based password managers have the added advantage of making passwords available from multiple devices. Accounts can be further strengthened using Two/Multi-Factor Authentication (2FA/MFA), and the details of the second factor can also be stored in the password manager.
Cloud Identity
With the proliferation of cloud services, it is not surprising that cloud vendors are providing password manager services built into their offerings. According to a recent media article citing Google, “Users expect agile, mobile work environments across multiple devices, and it’s reshaping how we think about security, access, and control. Admins want to give them this modern, forward-thinking experience, but they don’t want security to be compromised. The perimeter has disappeared.”
Faced with an ever-increasing threat of cyber-attack, a Cloud Identity system offers benefits such as screen locks, remote wipe, 2-Step verification, monitoring of password strength, assessments of your domain’s overall exposure to a data breach, and reporting on which particular users pose security risks.
About the Bulletin:
The NZ Incident Response Bulletin is a monthly high-level executive summary containing some of the most important news articles that have been published on Forensic and Cyber Security matters during the last month. Also included are articles written by Incident Response Solutions, covering topical matters. Each article contains a brief summary and if possible, includes a linked reference on the web for detailed information. The purpose of this resource is to assist Executives in keeping up to date from a high-level perspective with a sample of the latest Forensic and Cyber Security news.
To subscribe or to submit a contribution for an upcoming Bulletin, please either visit https://incidentresponse.co.nz/bulletin or send an email to bulletin@incidentresponse.co.nz with the subject line either “Subscribe”, “Unsubscribe”, or if you think there is something worth reporting, “Contribution”, along with the Webpage or URL in the contents. Access our Privacy Policy.
This Bulletin is prepared for general guidance and does not constitute formal advice. This information should not be relied on without obtaining specific formal advice. We do not make any representation as to the accuracy or completeness of the information contained within this Bulletin. Incident Response Solutions Limited does not accept any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, when relying on the information contained in this Bulletin or for any decision based on it.
