One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 997081 |
| Date de publication | 2019-01-17 14:00:00 (vue: 2019-01-17 16:01:23) |
| Titre | The Dark Web has a Serious Deduplication Problem |
| Texte | In a post released on 1/8/19, I wrote about the record number of breaches in 2018. This brought to mind a podcast that I was listening to a few days back hosted by Corey Nachreiner, CTO of WatchGuard Technologies, Inc. on his 443 Podcast. Corey discussed the potential data deduplication problem on the Dark Web. This article will attempt to break down how this can happen and how this can cause issues not only for users of the Dark Web, but also for those whose data has been stolen and placed on the Dark Web for purchase. The breaches of 2018 were vast and widespread, affecting businesses from fast food to department stores to airlines with record amounts of data being lost. If you look at just the breaches I referenced in the previous article, total PII records counts are over one billion in the United States. In India, every citizen in the country had their data compromised with the breach of Aadhaar, the Indian biometric IT program owned and operated by the government of India. The Aadhar breach alone accounted for 1.1 Billion records lost to hackers. Researching this, I discovered that for just the US-based hacks in the article, Americans and foreign travelers doing business with one of the breached companies had a total of 1.3 billion records stolen. If you figure there are approximately 330 million citizens of the United States and if every person in the US was affected they would have their personally identifiable information exposed to the Dark Web approximately 4 times. While that may not seem like a lot, please consider that it would be nearly impossible for every US citizen to be breached. The US does not have a mandatory centralized identification system as the Indian government has. Then, of course, not all 330 million Americans were affected by these breaches due to lack of exposure to affected breached sites, age, and other factors. Let’s say that 150 million Americans were affected in some way - which would mean that about half of all US citizens were affected by the breaches of 2018. Let’s also assume that another 150 million citizens of other countries were affected by the breaches of 2018. That would calculate to 300 million total people affected by the breaches of 2018. With a nice round number like 300 million people being affected one could assume there would be some duplicate records. With that being said, there are probably a lot of duplicate records. The total number of records duplicated per affected person I calculate at 4.333 records. This is admittedly a pretty arbitrary number, considering some people are more active than others on the web or at a particular retailer. Some people fly frequently, while others may not fly or stay in hotels at all. But this is an estimate to work with. From the results of the 2018 breaches, it is fairly safe to say that a very large number of people globally had their PII stolen and many of those had the information stolen several times. Each time a little more and different information was stolen. Many people look at a cyber breach as a big, scary and mysterious thing. What they should be more concerned with is that their data is stolen multiple times, from different sources. A lot of information stolen is static, like social security numbers and driver’s license numbers; however, much of it is not. You can change your credit card numbers, passport numbers, addresses, and phone numbers. You can even improve your health or change it in some way that would make the stolen data inaccurate. Once you look at the statistics from the 2018 breaches and th |
| Envoyé | Oui |
| Condensat | americans 000 1/8/19 150 2018 300 330 333 443 aadhaar aadhar able about above accounted accurate across active addresses admittedly affected affecting age aggregated airlines all almost alone also americans amounts analysis another approximately arbitrary are article artificial assume assumption attempt back based basic been being big billion biometric breach breached breaches break brought business businesses but calculate can card cause centralized change changeable changed citizen citizens collection companies compromised concerned consider considered considering corey could countries country counts course create credit cto cyber dangerous dark data days deduplication degree department different discovered discussed does doing down driver’s due duplicate duplicated each engine engines estimate even every expired exposed exposure factors fairly fast feed figure fly food foreign frequently from get globally government growing habits hackers hacks had half hands happen has have health his hosted hotels how however identifiable identification identity impossible improve inaccurate inc indeed india indian information intelligence issue issues just lack large last learning leaves let’s license like listening little look lost lot machine make mandatory many math may mean million mind more much multiple multiply mysterious nachreiner nearly never nice not number numbers numbers; old once one only operated other others out over owned particular passport people per perhaps person personally phone picture pii place placed please podcast populations possible post potential predictive pretty previous probably problem program proper purchase quite reasonably reasons record records referenced released researching results retailer roughly round safe said say scary scenario security see seem serious several should single sites skills social some someone sources states static statistics stay steal stolen stores system technologies than then these thing those time timeframe times total travelers trends trillion united users using vast very watchguard way web what which whose widespread will work would wrong wrote year years your |
| Tags | Guideline |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.