Pre-emptive security system sets out to stifle cybercriminals
24 November 2017 - 10:02 by Simon Crisp
In the past couple of years there have been a series of worrying incidences in which customer email addresses, passwords and other types of private data have been stolen from major organisations. Once this information is out in the open, crooks can exploit it to steal identities and commit all kinds of fraud.
Now a project created by Shape Security is setting out to tackle leaks before they cause havoc by making it easier to detect when thieves attempt to use stolen passwords, according to the Register.
The system is apparently capable of operating in real time to seek out stolen passwords which are being used by cybercriminals. Firms including Deliveroo, Groupon and the National Lottery have all been hit by such attacks recently.
The main reason that passwords stolen from one outlet can be used elsewhere is that people tend to rely on the same email address and password combination whenever they create a new account. So even sites which offer safe shopping online can be left vulnerable if customers do not take proper precautions when signing up.
Experts estimate that nine out of 10 login attempts which fail on modern sites are as a result of so-called ‘credential stuffing’ attacks using leaked passwords and info from other hacks. So this early detection and prevention system could be a valuable tool for the banks and retailers that have already signed up to use it.
The best advice consumers can follow to stay protected and enjoy safe shopping online remains the same; do not use the same password across multiple sites, pick a login that is difficult for crooks to crack through brute force and change details whenever a major breach is reported.
Users can often be the weak link in any security system and this is certainly true when it comes to the world of the web.