That hackers infiltrating systems go undetected in many organizations comes as no surprise to security researchers, but as 100 million leaked user passwords from a 2012 Rambler breach demonstrate, the affects from those intrusions can crop up unexpectedly and spin out well into the future.
The breach of the Russian internet giant “underscores the long-term and far-reaching tail of risk that sometimes has global repercussions for years to come,” Joe Fantuzzi, CEO of RiskVision, told SCMagazine.com in emailed comments. “Like other Internet mega-breaches, the Rambler attack first occurred in 2012, but four years later is only now being discovered after customer account credentials surfaced online.”
LeakedSource first reported the leaked records earlier this week, explaining that the data set was provided by the same user who offered the data set for the Last.fm breach. Ramble records include username/email addresses, passwords and numbers for the open source instant messaging computer program ICQ.
Fantuzzi noted that it's not unusual for “attack targets to remain in the dark about their security and risk posture until it's too late,” despite their best efforts, “because they have no idea how to stay on top of the enormous amount of vulnerabilities in their environment and then prioritize the most critical flaws for remediation that leave them susceptible to these kinds of attacks.”
Organizations shouldn't be complacent – or smug – if they've not yet been breached. “If the unpatched vulnerabilities in your environment aren't being attacked today, it doesn't mean that they'll escape exploit at another point down the road,” Fantuzzi said.