Celebrating World Password Day
By Aaron Sandeen, CEO and Co-Founder of Cyber Security Works (CSW)
Passwords have been around since the beginning of the digital era. They’re here to protect our privacy and security and the security of the companies we work for. Actions like changing your password every few months and not reusing old passwords seem like standard practices; however, a recent report shows that 66% of employees reuse their password anyway.
For reasons like this, the people of tech giant, Intel, decided to found the day in 2013, now known as World Password Day, celebrated every first Thursday of May.
Recognizing password related cyberattacks
World Password Day is a day set aside to promote better password use and draw attention to the numerous password related assaults. Tackling every password related attack would be difficult, but addressing the problem of password reset poisoning plays an essential role in increasing organizational knowledge about better password use and vulnerability management.
Password reset is available in all online applications that use a login gateway. When a user forgets their password, this reset password option comes in handy. However, in many organizations, password reset poisoning is an attack in which the attacker acquires a victim’s password reset token and is now able to reset the victim’s password.
The issue arises when the application utilizes the host header to build the password reset link and then adds the user-supplied host header to the password reset link. Companies must be aware of this type of password attack to protect the privacy of their employees and the organization as a whole. While dealing with similar password related attacks, more vulnerabilities can be addressed, giving security teams peace of mind.
Recent password related cyberattacks
The following are examples from the first few months of 2022, where poor password hygiene led to different types of cyberattacks.
Ransomware group uses passwords stolen via RedLine malware
On March 20th 2022, Lapsus$ hacking group claimed to have leaked the source code for Bing, Cortana, and other projects stolen from Microsoft’s internal Azure DevOps server. The RedLine password stealer was used to take 37GB of source code allegedly belonging to Microsoft. Microsoft continues to track the Lapsus$ data extortion group as ‘DEV-0537’. DEV-0537 is also known to exploit vulnerabilities in Confluence, JIRA, and GitLab for privilege escalation.
Multi-factor authentication compromise, brute force password guessing attack
On March 15th 2022, the FBI announced that Russian state-backed hackers gained access to a non-governmental organization (NGO) cloud after enrolling its device in its Duo multi-factor authentication (MFA) system following the exploitation of misconfigured default MFA protocols. To breach the network, the hackers used credentials compromised in a brute force password guessing attack to access an unenrolled and inactive account that had not yet been disabled in the organization’s Active Directory.
On February 3rd 2022, LockBit ransomware operators claimed that they stole the PayBito database that contained 100,000 customers’ information across the United States and other countries worldwide. The information taken included email addresses and “weak” password hashes.
Cloud repo without password misused
A misconfigured Amazon S3 bucket belonging to Civicom was responsible for exposing thousands of audio and video recordings of the company’s clients. The S3 bucket was left exposed without any password or security authentication, meaning anyone with knowledge of how to find misconfigured databases could have accessed the data. This resulted in 8TB of stolen records.
How properly celebrate World Password Day
In a timely concern, many are worrying about the uptick in cyberattacks around the world due to the ongoing Ukraine and Russia conflict. Companies and individuals prioritizing cybersecurity practices have more reason to enhance their passwords throughout their portals and applications.
The best way anyone can commemorate this special day is to ensure your password meets the security standards. You’ll be doing what the day requires whilst also increasing your organization’s security. It’s crucial to be informed on safer password use more than ever. This will undoubtedly guarantee that the day is honored, especially since you’ll inspire everyone around you to do the same and be careful of their digital presence.
About the Author
Aaron Sandeen is the CEO of Cyber Security Works (CSW), your organization’s early cybersecurity warning partner to prevent attacks before they happen.
Aaron leads CSW in helping organizations worldwide to continuously improve their security posture by mapping their vulnerabilities to real-world threats.
