Data Savvy Hackers Enhance Password Vulnerability In 2019

Data savvy hackers are increasing password vulnerability in 2019. Read on to find out why this is important and how to protect from it.

Avatar
September 30, 2019
27 Shares 2,951 Views

Big data is making a number of cybersecurity risks worse than ever. A growing number of companies are starting to explore the need to utilize big data to enhance their digital security. They are also starting to recognize that hackers are using big data as well, so they need to monitor them carefully.

One of the biggest areas that they need to address is password security. Machine learning and other big data technology has rendered password security a greater concern.

Password Security in the Age of Big Data

Hackers are becoming more tech-savvy than ever. Alexander Polyakov of Towards Data Science discussed some of the ways that they are using machine learning to exploit their victims. Polyakov points out that hackers use machine learning for five main purposes, including collecting information on targets, impersonating aides to their targets, gaining unauthorized access, orchestrating the attack and automating the entire process.

There are a number of ways that they can do this effectively. Some of the ways that hackers use machine learning is with cracking passwords or outright stealing them.

How effective is machine learning for breaking passwords? One study found that password crackers using machine learning and other big data tools are very effective. One password cracker used a more sophisticated machine learning tool and was able to boost effectiveness by up to 73%.

This should leave you very afraid. You should recognize the need to update passwords in a world where hackers have highly advanced machine learning tools at their fingertips.

Changing Your Passwords in the Machine Learning Era

All of us – or at least, almost all of us – have a multifaceted approach to the way we deal with passwords. We’ll have ‘high security’ passwords for things we care about, and ‘low security’ passwords for things which mean less to us. This is, of course, unless you’re one of the carefree crowd which is still using the same password for absolutely everything you do online in 2019. If you are, you need to stop doing that immediately. Machine learning has made them much more vulnerable.

We accept that there’s no such thing as a completely secure password. Even if you’re using a combination of numbers, letters, symbols, and capital letters, there are always ways that determined hackers might be able to catch you out. If the hackers don’t get you, eventually, one of the companies you’ve entrusted to keep your data secure will be exploited, and your password and email information will be dumped all over the internet.

It’s precisely because old passwords and similar data get leaked that you should always make sure you not only pick a secure password, but you change it regularly. Using a random password generator is a good idea, and you should probably come up with new ones every six months. You might not be able to make yourself completely impervious to attack, but you can reduce the chances any leaked passwords still being valid by the time any malicious entity comes across them online.

Most of you probably think you don’t need this advice. You’re happy with your passwords, and you’re confident that your important accounts are secure. The problem is that when many of us think about ‘important accounts,’ we let some slip through the cracks. We’re sure your online banking data is hard to crack. You’ve probably put real effort into making sure nobody has access to your social media passwords, or the password to your email account. The issue here is that your social media and email passwords wouldn’t necessarily present an immediate financial threat if they fell into the wrong hands. The accounts we’re about to look at would.

Your Amazon Password

When’s the last time you changed the password to your Amazon account? Probably years ago, right? How much has Amazon changed since then? If you’ve never changed your Amazon security details since you first registered with them, today would be a great day to do it. After all, your payments details are stored on there. Not only that, there’s probably a full address history for yourself and some of your friends and relatives you’ve had things delivered to. There might even be a range of different credit card details online, too.

The threat of someone accessing your Amazon account is even more significant since same-day delivery became a thing. All someone needs to do is use your details to place an order, have it delivered somewhere the same day, and then never be in that location ever again. They’d have their order, you’d have paid for it, and sorting it out from there would be a nightmare.

Your Netflix/Amazon Prime Account

There’s a common joke on the internet that when couples split up, both partners continue to access the shared Netflix account – only one of the former couple don’t know that the other one is doing it. Having a Netflix sponge is one thing. Having a stranger in there is quite another.

You probably don’t think that your Netflix account is a big deal, because it’s a monthly subscription, and if someone does break into it they’re technically stealing from Netflix, not you. That’s true on one level – but how is that subscription paid for? All someone needs to do is access your account to find your payment details – and they you’re in trouble.

All Of Your Online Casino Passwords

Nobody should feel guilty about using the internet to gamble. The overwhelming majority of people who use online casinos or play mobile slots never develop an addiction issue, and consider it a fun hobby and a way to unwind. Online slots and other casino games are the only forms of gambling you should be doing with your account though – you shouldn’t be gambling with an old, weak password. Someone else could easily be walking away with your mobile slots jackpot.

Picture this. Someone logs on. They use your connected account details to make a deposit into your account. They play a few games using your money, and they win something. After that, they flip their account details over to yours, and withdraw. When they’re done, they delete their account details again.

Your Spotify Account

It would be embarrassing if someone broke into your Spotify account, wouldn’t it? They’d know all about all those songs and artists you listen to when you’re on your own. Your guilty pleasures would be out in the open, and someone else would know about your penchant for early 90s pop bands. That would be the least of your concerns, though.

As with any subscription model, Spotify takes payments from you using bank details which are stored under your account details. A well-tooled hacker, if given access to your account, could extract those bank details before you had any idea what had happened. That would be a good reason to throw some sad songs on.

Your Mobile Phone Account

A lot of people forget they even have these. Because your phone is likely paid by Direct Debit, and you interact with your network provider through your phone, you likely have very little reason even to log into your network provider’s website. You almost certainly have an account with them, though, and that account has a password. If you’ve been with the same network for a long time, that password might be ten years old or more.

Someone who logs into your mobile phone account has access to your payment information. Worse than that, they might be able to hijack your entire phone if they set their mind do it. Today is a good day to rediscover that old account, and pick a new password to eliminate the risk.

Beware of Insecure Passwords in the Big Data World

Big data has made passwords more vulnerable than ever. You can’t take this lightly, as hackers can use machine learning to exploit their victims.

Conclusion

The simple rule to remember is this: There is no longer any such thing as a low-risk internet account. If you have an account with any company you’ve bought goods from in the past – and your payment details are connected to that account – you should treat the security of that account just as seriously as your online banking security details. Make time in your day to go on a round-up of all your old accounts, and make sure they’re tightly secured. Don’t delay – do it now!