Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Computing / 6.5M LinkedIn Passwords May Be Stolen
6.5 Million LinkedIn Passwords May Be In Hands of Hackers
6.5 Million LinkedIn Passwords May Be In Hands of Hackers
By Jennifer LeClaire / Enterprise Security Today Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
LinkedIn on Wednesday morning was still unable to confirm reports that 6.5 million user passwords had been exposed. But Sophos has discovered LinkedIn password information posted on a Russian hacker site.

"Although the data which has been released so far does not include associated e-mail addresses, it is reasonable to assume that such information may be in the hands of the criminals," Graham Cluley, senior security analyst at Sophos, wrote in his blog. "Investigations by Sophos researchers have confirmed that the file does contain, at least in part, LinkedIn passwords."

How Did It Happen?

We caught up with Neil Roiter, research director at Corero Network Security, to get his reaction to the news. He told us the reported LinkedIn password breach is a good reminder to use a different password for each of the Web sites you access.

"The larger question to be answered is how the hackers were able to break in and steal the passwords, and what personally identifiable information, if any, also may have been stolen," Roiter said. "People will want assurances that LinkedIn will discover how they were breached, take appropriate steps to prevent a recurrence and review their overall security practices."

SQL Injection Likely

We turned to Dave Pack, director of LogRhythm Labs, to get additional insights about the reported breach. Without specific details of the attack, he told us it's difficult to determine exactly what could have been done to help protect the sensitive data. However, he added, most database breaches are the result of a vulnerable Web application front-end being exploited using SQL injection.

"According to our research, it is extremely common for successful attackers to utilize automated SQL injection tools such as sqlmap or Havij," Pack said. "Such tools leave behind a log trail on the Web server which at first glance makes the attack appear complex, but also makes it easy to detect."

Pack offered an example: By default these tools put their own names into the User Agent string of the http requests they make. He said user agent whitelisting and blacklisting can be used to make sure automated SQL injection tools are immediately identified if they try to do Web application reconnaissance or launch an attack.

"These tools put quite a bit of SQL syntax into URL parameters. Most Web applications have no legitimate need for SQL in the actual URLs. Alarming on this syntax along with encoded variations will detect both automated tool usage as well as manual Web application attacks," Pack said.

"As soon as an attacker is identified by one of these methods their IP address should be blocked, preferably in an automated fashion. Everything that is needed to identify and stop an attack of this nature is all right there in as little as a single log entry on the Web server."

Passwords Encrypted

We also talked with Troy Gill, a security analyst at AppRiver. He told us that although technically no accounts have been hacked, he's sure they could be very quickly.

"It seems that the hacker has stolen a huge database of 6.5 million passwords," Gill said. "The good news is that the passwords are encrypted using SHA-1, which means the hacker will still have to exert some effort to crack them, but strong and complex passwords will take a much greater amount of time and resources than a simple password.

"Therefore, those with a complex and lengthy password will be much safer than those without. In addition, the validity of the list is still unconfirmed by LinkedIn and there is currently no evidence that the hacker obtained corresponding user names along with the passwords."

Tell Us What You Think


Like Us on FacebookFollow Us on Twitter

Over the past decade, hospitals have been busy upgrading their systems from paper to electronic health records. Unfortunately, spending so much on EHR may have left insufficient funds for security.
The British government officially blamed Russia for waging the so-called NotPetya cyberattack that infected computers across Ukraine before spreading to systems in the U.S. and beyond.
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.