aster.cloud aster.cloud
  • /
  • Platforms
    • Public Cloud
    • On-Premise
    • Hybrid Cloud
    • Data
  • Architecture
    • Design
    • Solutions
    • Enterprise
  • Engineering
    • Automation
    • Software Engineering
    • Project Management
    • DevOps
  • Programming
    • Learning
  • Tools
  • About
  • /
  • Platforms
    • Public Cloud
    • On-Premise
    • Hybrid Cloud
    • Data
  • Architecture
    • Design
    • Solutions
    • Enterprise
  • Engineering
    • Automation
    • Software Engineering
    • Project Management
    • DevOps
  • Programming
    • Learning
  • Tools
  • About
aster.cloud aster.cloud
  • /
  • Platforms
    • Public Cloud
    • On-Premise
    • Hybrid Cloud
    • Data
  • Architecture
    • Design
    • Solutions
    • Enterprise
  • Engineering
    • Automation
    • Software Engineering
    • Project Management
    • DevOps
  • Programming
    • Learning
  • Tools
  • About
  • Tech

Are Your Credentials Already In Cyber Criminals’ Hands?

  • root
  • December 30, 2020
  • 3 minute read

It’s common for every digital service today to ask you to log in with a password and an email address. Social media, streaming services, favourite news sites and work accounts all require credentials to protect user data.

One recent study[1] found the average person has between 70 and 80 accounts requiring passwords. The proliferation of passwords is not as comforting as it might appear to be. With so many to remember, it’s no surprise that people are tempted to reuse, rotate or use variations of a few passwords. But if individuals repeatedly use the same email and password combination when accessing third party services, and these services are then breached, the individuals and their organisations face an increased cyber security risk.


Partner with aster.cloud
for your next big idea.
Let us know here.



From our partners:

CITI.IO :: Business. Institutions. Society. Global Political Economy.
CYBERPOGO.COM :: For the Arts, Sciences, and Technology.
DADAHACKS.COM :: Parenting For The Rest Of Us.
ZEDISTA.COM :: Entertainment. Sports. Culture. Escape.
TAKUMAKU.COM :: For The Hearth And Home.
ASTER.CLOUD :: From The Cloud And Beyond.
LIWAIWAI.COM :: Intelligence, Inside and Outside.
GLOBALCLOUDPLATFORMS.COM :: For The World's Computing Needs.
FIREGULAMAN.COM :: For The Fire In The Belly Of The Coder.
ASTERCASTER.COM :: Supra Astra. Beyond The Stars.
BARTDAY.COM :: Prosperity For Everyone.

In recent years, cyber criminals have been moving from ‘spray and pray’ tactics to target individuals and specific industries. Digital footprints and social media presences help criminals identify individual employees or departments working within target companies. Mining an individual’s digital information is also used to gain access to password-protected accounts and discover credentials to further criminal activities.

 

15 billion credentials are already available for cyber criminals

The number of stolen usernames and passwords in circulation has increased by 300% since 2018. Research from Digital Shadows found there are now more than 15 billion available to cybercriminals[2]. These credentials have become commodities to be traded, or even given away, on the dark web by criminal syndicates.

For syndicates, selling compromised accounts is easier and can be more lucrative than ‘spray and pray’ attacks. The average price for the commercially traded logins was US$15.43, while credentials such as active bank account logins commanded a premium. Digital Shadows saw some banking account credentials sold for as much as US$500 depending on the funds available and the freshness of the credential theft itself.

Read More  Introducing Google Cloud Backup And DR

Domain administrator accounts are among the most valuable to cyber criminals because they offer access to internal business networks. Such accounts are usually sold by auction with an average price of US$3,139 per account. In some cases, the price reached over US$120,000.

These new market dynamics give an incentive to cyber criminals to target a wider range of organisations, including small and medium-sized businesses, and not just larger enterprises. Australian charities, not-for-profits and SMBs are already being affected[3], with Australia third on the global list for most in-demand credentials behind the US and Canada.

 

The silent threat

According to The Federal Government’s Office of The Australian Information Commissioner, 518 breaches were notified under the Notifiable Breach scheme between January and June 2020[5].  Although this figure is down 3% from 532 in the previous six months, it is up 16% on the 447 notifications received during the period January-June 2019.

It’s important to note that the threat from leaked credentials is not always obvious at first. Once hackers have credentials, they put them up for sale on the market, or they (or the party which purchases them) may lurk within the organisation’s systems, watching activity and mining more valuable data.

 

Are your credentials already in the cyber criminals’ hands?

The first step to reducing the threat is understanding the problem and identify any compromised accounts related to your business. This is where Telstra’s Leaked Credential Assessment can help.

Telstra, together with our expert partner FirstWave, monitors hidden chat rooms, private websites, peer-to-peer networks, Internet Relay Chat channels, social media and black market sites for leaked account names and passwords. Using your domain name, we can help determine whether an employee’s corporate email address and password used have been compromised as a result of a third party being breached. We can tell you which credentials we have found on the dark web and guide you through steps mitigate any potential risk to the business. We will also help you understand where the breach happened and provide advice on how you can reduce the likelihood of it happening in future.

Read More  Puppet And Replicated Partner For Kubernetes-Based Software Delivery

This feature is sourced from Telstra.


For enquiries, product placements, sponsorships, and collaborations, connect with us at [email protected]. We'd love to hear from you!

Our humans need coffee too! Your support is highly appreciated, thank you!

root

Related Topics
  • Cyber criminals
  • Data
  • elstra’s Leaked Credential Assessment
  • Leaked credentials
  • Personal data
  • Security
  • Social media streaming
You May Also Like
Getting things done makes her feel amazing
View Post
  • Computing
  • Data
  • Featured
  • Learning
  • Tech
  • Technology

Nurturing Minds in the Digital Revolution

  • April 25, 2025
View Post
  • Tech

Deep dive into AI with Google Cloud’s global generative AI roadshow

  • February 18, 2025
Volvo Group: Confidently ahead at CES
View Post
  • Tech

Volvo Group: Confidently ahead at CES

  • January 8, 2025
zedreviews-ces-2025-social-meta
View Post
  • Featured
  • Gears
  • Tech
  • Technology

What Not to Miss at CES 2025

  • January 6, 2025
View Post
  • Tech

IBM and Pasqal Plan to Expand Quantum-Centric Supercomputing Initiative

  • November 21, 2024
Black Friday Gifts
View Post
  • Tech

Black Friday. How to Choose the Best Gifts for Yourself and Others, Plus Our Top Recommendations.

  • November 16, 2024
zedreviews-Apple-iPhone-16-Pro-finish-lineup-240909
View Post
  • Featured
  • Gears
  • Tech
  • Technology
  • Tools

Apple debuts iPhone 16 Pro and iPhone 16 Pro Max

  • September 10, 2024
zedreviews-Apple-iPhone-16-Apple-Intelligence-240909
View Post
  • Featured
  • Gears
  • Tech
  • Technology

Apple introduces iPhone 16 and iPhone 16 Plus

  • September 10, 2024

Stay Connected!
LATEST
  • 1
    Just make it scale: An Aurora DSQL story
    • May 29, 2025
  • 2
    Reliance on US tech providers is making IT leaders skittish
    • May 28, 2025
  • Examine the 4 types of edge computing, with examples
    • May 28, 2025
  • AI and private cloud: 2 lessons from Dell Tech World 2025
    • May 28, 2025
  • 5
    TD Synnex named as UK distributor for Cohesity
    • May 28, 2025
  • Weigh these 6 enterprise advantages of storage as a service
    • May 28, 2025
  • 7
    Broadcom’s ‘harsh’ VMware contracts are costing customers up to 1,500% more
    • May 28, 2025
  • 8
    Pulsant targets partner diversity with new IaaS solution
    • May 23, 2025
  • 9
    Growing AI workloads are causing hybrid cloud headaches
    • May 23, 2025
  • Gemma 3n 10
    Announcing Gemma 3n preview: powerful, efficient, mobile-first AI
    • May 22, 2025
about
Hello World!

We are aster.cloud. We’re created by programmers for programmers.

Our site aims to provide guides, programming tips, reviews, and interesting materials for tech people and those who want to learn in general.

We would like to hear from you.

If you have any feedback, enquiries, or sponsorship request, kindly reach out to us at:

[email protected]
Most Popular
  • Understand how Windows Server 2025 PAYG licensing works
    • May 20, 2025
  • By the numbers: How upskilling fills the IT skills gap
    • May 21, 2025
  • 3
    Cloud adoption isn’t all it’s cut out to be as enterprises report growing dissatisfaction
    • May 15, 2025
  • 4
    Hybrid cloud is complicated – Red Hat’s new AI assistant wants to solve that
    • May 20, 2025
  • 5
    Google is getting serious on cloud sovereignty
    • May 22, 2025
  • /
  • Technology
  • Tools
  • About
  • Contact Us

Input your search keywords and press Enter.