“Information security attacks to steal large amounts of personal and business data, will continue and continue. Their results will get more severe, and organizations must deal first and foremost with their password security,” said Andrey Dulkin, CyberArk‘s head on cyber innovation, in a talk with People and Computers.
Dulkin made these comments after one of the biggest cyber attacks ever, made by a Russian hacker group that managed to gather 1.2 billion user names, passwords and other identity related data.
“This event brings up the main concern of so called ‘data keepers’, explained Dulkin, and added that “we’re talking about three main dangers, the first being that personal and sensitive information might be used by criminals. The second is that hackers use personal data for identity theft, and the third danger, most important to businesses, is that attackers will pose is legitimate users to get access to said businesses’ secured data and information. All three threats might show up in a much more acute way – since many users use the same personal log in data in both personal and business accounts.”
Dulkin sounded adamant about the importance of password security: “This is an important issue, as this large scaled attack show – despite the fact we’re constantly bombarded by stories on growing cyber threats, there is complacence about the importance of secured passwords; This is a problem to be dealt with – not to be seen as something which can’t be prevented.”
He concluded by saying that “It is important to remember that the management users in organizations. They have many authorizations and access to data on different networks. These authorizations are ‘keys to the Kingdome’, since they supply unlimited access to the enterprise’ most precious assets. If security isn’t handled properly, this organizations are sitting ducks, and must be able to identify malicious activities and act beforehand.”