Strengthening Cybersecurity in the Wake of the 'Mother of All Breaches': Best Practices and Essential Strategies

Jan 30, 2024

By Christian Scott, COO & CISO at Gotham Security, an Abacus Group Company

CyberNews recently uncovered a massive data breach that aggregated 12 terabytes of information from various past leaks, encompassed an unprecedented 26 billion records, and included user data from LinkedIn, X (Twitter), Weibo, Tencent, and other platforms. Dubbed the "Mother of All Breaches" (MOAB), it's potentially the largest data leak ever found.

Much attention has been on the scale of the incident, but it is also significant that the breach continues a pattern of malicious actors aggregating leaked credentials from several unrelated data breaches into one database, something we previously saw with Exploit.IN in 2016 and COMB in 2021.

Hackers are potentially able to leverage these breached credentials at scale to conduct credential-stuffing attacks against other services and company accounts, thereby gaining access to additional systems via reused passwords. Furthermore, this information allows hackers to infer commonly used passwords by staff at an organization to perform curated password spraying attacks.

There are lessons to be learned by businesses here. This leak poses serious risks for the affected companies, including the potential for financial losses and regulatory penalties, as well as major reputational harm. Businesses are expected to protect their customers' and partners' data. Once they lose this trust, it's hard to regain it.

It is imperative, therefore, that organizations continually educate their staff about password best practices. They need to dissuade employees from reusing passwords and instead encourage them to employ long passphrases, change compromised passwords, and implement multi-factor authentication (MFA) in as many places as possible. This may seem trivial, but failing to follow it can cost millions of dollars.

Equally, it is important for staff to avoid utilizing easily-guessable information (like birthdays or names) and instead use a unique password for every account. Companies can leverage password managers that securely store and recall passwords. These are often easy to use and fast too.

Organizations without an advanced password management system should use HaveIBeenPwned's free domain search tool for breach monitoring (https://haveibeenpwned.com/DomainSearch), a resource which is well regarded across the security community.

Moreover, while multi-factor authentication (MFA) is valuable, it's not infallible. You should avoid utilizing SMS, email, and OTP code-based multi-factor authentication where possible; these methods are surprisingly easy to bypass.

In case you needed reminding, cyber criminals can be extremely clever, and often have large resources – do not underestimate them.

It's crucial also to enhance security with features like Impossible Travel Detection, Device-based Conditional Access Policies, and Extra Login Context, such as Reverse Number Matching for MFA notifications in Microsoft Entra (Azure AD) and Intune.

Last but not least, individual staff members should also focus on their personal security. Malicious actors often target individuals to infiltrate larger organisations. To counter this, we offer Privacy Data Sanitisation services to help our customers proactively safeguard their personal and family data.

The "Mother of All Breaches" serves as a stark reminder of the evolving and sophisticated nature of cyber threats. As data breaches become more complex and frequent, it is imperative for organisations and individuals alike to elevate their cybersecurity measures.

Embracing robust password management, implementing multi-factor authentication, and staying vigilant against evolving cyber threats are key steps in safeguarding sensitive data. Remember, cybersecurity is not just an IT issue; it's a continuous commitment to protect ourselves and our organisations in the digital age. By proactively addressing these challenges, we can significantly reduce our vulnerability to these ever-present cyber threats.

Additional Resources:
Why MFA Is Important, How Hackers Bypass MFA and How To Protect Your Users Further.

 
