It was reported this morning that crooks on the Dark Web became victims of hacking themselves, after Dutch Police hijacked their accounts upon discovering they had reused old passwords. This comes soon after the Alphabay/ Hansa take down operation last week.
Andrew Clarke, EMEA Director at One Identity:
“The dutch police crime-fighting techniques high-lighted in the recent take-down of alphabay/hansa – and the ability to simply reuse accounts/passwords on another darkweb marketplace, Dream Market, to persue their targets is a clear demonstration of a poor practice by the user. Companies should think about how this sits in their own environment – and take away a lesson from it. Consider how many users accessing multiple systems use the same password for all of them – and the same password that may be used on social media sites and other personal sites. Any one of these personal sites could be compromised which has the knock-on effect of providing a route for business accounts to be accessed too. An urgent review of how users are controlled and managed within a company – and the adoption of robust identity and access management tools and procedures – has to be a priority for any company wanting to survive the onslaught of malicious threats emerging daily.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.