
    By Paul Hogan on August 18, 2014

      Did someone just steal my password again?
      I was reflecting on last week’s news that a Russian gang had stolen over 1.2 billion passwords from 420,000 different sites, mainly through security vulnerabilities exposed using code injection techniques such as SQL injection. Although there is some scepticism about the veracity of this story, it’s clear that large-scale security breaches are becoming more and more prevalent.
      For example: in 2011, Sony announced that the personal details of over 100 million accounts were compromised. In December 2013 we learnt that Target (a large American retail chain) was hacked, resulting in over 40 million credit cards and 70 million addresses being compromised. In May of this year, eBay announced that 145 million accounts were compromised in a massive hack. Although these are not quite ‘tip of the iceberg’ stories, there are lots of further examples out there, some closer to home.
       
      What do you as a user do?
      So, as a user, what should you do when you hear these stories? The best reactive measure when you hear that a website where you have an account has been hacked is to change your password immediately. However, even before that happens, and hopefully it won’t, there are some guidelines to help minimise your exposure.
      1. Use strong passwords, ideally a minimum of 8 characters with a combination of upper and lower case letters, numbers and symbols.
      2. Don’t use the same password for different sites. The issue here is that a compromised account on one site may lead to your account on another site also being vulnerable.
      3. Use two-factor authentication where possible. A number of online services now offer alternatives to passwords; see here for further details.
      4. It’s difficult to remember lots of different usernames and passwords, so consider using a local password manager or wallet.
      5. Change your password at regular intervals.
       
      What do you as an organisation do?
      First, work on prevention: security should be part of your strategic thinking, so adopt a security approach designed to protect you by reducing the attack surface area that you present. This typically results in deploying a range of security solutions such as firewalls, intrusion prevention systems and advanced threat detection systems. Once these are in place, perform threat-based risk and vulnerability assessments at regular intervals to determine just how well your defences are working and what other forms of protection you may need. Finally, as a last line of defence, have secure incident and event management solutions in place to quickly identify if someone is trying to compromise you and how they are doing it.
