14 million US businesses are at risk of a hacker threat

“Hackers have breached half of the 28 million small businesses in the United States, according to the 2016 State of SMB Cybersecurity Report.”

 

source: CNBC

Hackers Are Having a Field Day with Stolen Credentials

“Login credentials have always been a weak link in cybersecurity’s protection chain, a situation that’s worsening. However, this trend could be reversed with a bit of effort from end users, website owners and software vendors.”

 

Source: Qualys Blog

Misuse of Stolen Credentials Unchecked, Out of Control

“A major data point stands out in the 2017 DBIR report: the percentage of hacking-related breaches involving the misuse of stolen or weak credentials has reached 81%, effectively putting it front and center in terms of tactics being leveraged by attackers.”

 

Source: Verizon’s Data Breach Investigations Report (DBIR)

Sabre Says Stolen Credentials Led to Breach

“Travel industry giant Sabre said Wednesday an intruder using stolen account credentials for its widely used reservations software had access to payment card details and personal information over a seven-month period.”

 

Source: Bank Info Security

Yahoo - Hacked

Over 3 Billion accounts hacked

LinkedIn - Hacked

117 Million LinkedIn Emails And Passwords

Uber - Hacked

The company is yet to confirm the hack attack claims

Equifax - Hacked

143 Million People affected

Stolen user credentials are being sold online, on the dark web and on the deep web for as little as $0.10 per record. Cybercriminals are reusing passwords and login credentials to cause financial damage to companies and to their customers, vendors. Your account could have been compromised for no fault of your own. Estimated 50% of businesses in the U.S. have been already compromised.

Did you know if your login credentials surfaced on one of few hundred thousand websites you have not even heard about? How many of your company’s login credentials were compromised because of:

  • Employee error
  • Vendor hack
  • Client hack
  • Social media hack
  • Targeted attack
  • Malware attack

Or does it even matter at this point? Would you like to know if any of your business login credentials were leaked on the deep web?

My vendor got hacked

Famous Target breach happened because of a compromised vendor. Are you confident none of your vendors were compromised? Maybe they did not know they were? Neiman Marcus did not know they were hacked until FBI knocked on their doors.

Social Media

Did you or any of your employees reuse their login passwords on Social Media? About 67% users reuse passwords; cybercriminals can exploit it by trying stolen login credentials for other online services to gain access to company’s data.

Free movies
There is no such thing as free movies online, yet many people keep downloading malware infected videos. Most if not all of those computers were compromised and all of its data could have been stolen. Some employees by mistake shared “My Documents” and exposed company’s documents online.
Macs don't get viruses
It is an old misconception that macs don’t get viruses. There are plenty of risks and Macs haven’t managed to avoid them completely, macs can get infected. According to a report from Malwarebytes there has been a 230% increase in Mac malware this year, and that the Mac App Store is being overcome by scam software, a previously relatively small issue.
Can you name 3 ways to leak credentials?
  • Use of botnets and malware
  • P2P file leaks
  • Keyloggers
  • Disgruntled employee
  • Phishing sites
  • Fake login sites
Is your mobile device secure?

Most people store a lot of confidential data on mobile devices. Most people don’t frequently update or secure their devices. Are your employees using insecure personal devices for business purposes? Can those devices leak identities?

Mobile Apps
Do you know which mobile apps are malicious and have already gained access to your mobile device(s)? Did you have any passwords on it?

How bad is it out there?

With few billion of compromised identities, there is a high chance your corporate identity is already available for sale on the underground market. It can be purchased for $0.10 – $1 and used to cause plenty of problems for your company.

We can monitor dark web for stolen IDs

Our service is designed to help both public and private sector organizations detect and mitigate cyber threats that leverage stolen
email addresses and passwords. We leverage a combination of human and artificial intelligence that scours botnets, criminal chat rooms, blogs, websites and bulletin boards, Peer to Peer networks, forums, private networks, and other black-market sites 24/7, 365 days a year to identify stolen credentials and other personally identifiable information (PII).

CCN is able to offer this service because of valuable partnerships with other companies. We accomplish this by looking specifically for our clients’ top-level email domains and in some cases IP addresses. When a credential is identified, it gets harvested. Many websites such as Pastebin are being monitored, a lot of data originates from sites that require credibility or a membership within the hacker community to enter. To that end, we monitor close to 1,000 distinct Internet relay chatroom (IRC) channels, over half of million private websites, 800 twitter feeds. Our platform executes tens of thousands of queries per day, real people with years of dark web experience are in the driver seat.

N

24/7 Monitoring

We keep monitoring hundreds of websites for your stolen credentials.
N

Daily reports

We will send you daily reports if any of your data surfaced on identity theft forums.
N

Monthly reports

We will send you monthly summative reports listing all stolen credentials we were able to find.
N

Be Proactive

You can’t control your business partners, but we can monitor if any of them leaked your login credentials.

Tell me if my company IDs were sold on the Dark Web

5 + 2 =