In response to the news that the hacking group Gnosticplayers has just dropped a 4th round of stolen records on the dark web market DreamMarket, experts with OneSpan, Centripetal Networks and CyberSaint offer perspective.
Byron Rashed, VP of Marketing at Centripetal Networks:
“This is a classic example of a highly skilled and motivated threat actor that has successfully infiltrated networks and exfiltrated high value data for sale in the underground economy. There are actually two issues. The first is organizations that fail to block or identify malicious IPs and domains. Network infiltration can be greatly mitigated by blocking these malicious sources. The second is the failure to protect [encrypt] data with strong encryption.Data not encrypted or weakly encrypted enables the threat actor to fully monetize the caches he is selling, making it highly profitable and more attractive to potential buyers.”
John Gunn, CMO at OneSpan:
The frequent and recurrent instances of anonymous hackers selling large quantities of stolen identities emphasizes the profound impunity of these crimes. Using modern hacking tools, criminals can operate with little risk of being caught or ever brought to justice and the result is billions of dollars of losses. To me, this is a strong argument in favor of allowing counter attacks against these anonymous parties by state and private organizations.
George Wrenn, CEO at CyberSaint Security:
“After four rounds of user records being put up for sale by this entity, there is a clear pattern that speaks to the way we utilize personal data today. This data — 26M records — was obtained within just the past few months. This is not a small incident, as mass amounts of individuals’ personal data is being sold. If anyone had any doubts before, this example should convince them that data truly is the new currency.”