How Your Stolen Data Travels the Dark Web
Ever wonder what happens when your credit card number, Google credentials, and online banking password get stolen?
The film Sneakers* is one of the most underrated hacker movies in modern cinematic history. In many ways, it presaged the now cliché tropes that cybersecurity gurus pull out whenever we have a large data breach or hack. For example, the villain Cosmo — portrayed by the brilliant Ben Kingsley — turns at one point to the film’s main character played by Robert Redford and says, “There's a war out there, old friend. A world war. And it's not about who's got the most bullets. It's about who controls the information. What we see and hear, how we work, what we think... it's all about the information!”
That line sounds tired and overused today, but it still captures the essence of our contemporary privacy-challenged culture. It’s all about information. And it begs the question, have you ever wondered what happens to your information, to your data, once it’s stolen? How does it travel the dark, hidden places of the Internet? In its 2016 “Where’s Your Data?” report, Silicon Valley security firm Bitglass tells us.
The Bitglass research team created a “complete digital identity for an employee of a fictitious retail bank, a functional web portal for the bank, and a Google Drive account, complete with seemingly real corporate and personal data. Among the files in the Google Drive were documents containing real credit card numbers, work-product, and more. The team then leaked the employee’s “phished” Google Apps credentials to the Dark Web. What the hackers didn’t know was that each file in the Google Drive was embedded with a watermark and all activities, from logins to downloads, were being tracked by Bitglass, deployed in monitor-only mode.”
And here’s what they found:
That last bullet is particularly interesting. Like many technology users, the fictitious bank employee used the same password across many other web services, like social media. So, once the hackers determined the password worked at the bank login, they then attempted it on other web sites to see if it worked there. In some cases, it did.
As Bitglass points out, there are some things we can do to prevent this kind of thing from occurring to our data.
In the end, it’s all about controlling information. Whether it’s bad guys looking to do bad things, or commercial industry attempting to sell you something, or the government trying to protect you, it’s all about information.
*I could write an entire post on this film. Probably my favorite hacker movie of all time. Setec Astronomy anyone? Hehe.
A federal judge ruled that the Trump administration likely violated the reporter's Fifth Amendment rights when it stripped his press credentials earlier this month.
- Acosta will be allowed to return to the White House on Friday.
- The judge described the ruling as narrow, and didn't rule one way or the other on violations of the First Amendment.
- The case is still open, and the administration may choose to appeal the ruling.
Progressive America would be half as big, but twice as populated as its conservative twin.
- America's two political tribes have consolidated into 'red' and 'blue' nations, with seemingly irreconcilable differences.
- Perhaps the best way to stop the infighting is to go for a divorce and give the two nations a country each
- Based on the UN's partition plan for Israel/Palestine, this proposal provides territorial contiguity and sea access to both 'red' and 'blue' America
The definition of a kilogram will now be fixed to Planck's constant, a fundamental part of quantum physics.
- The new definition of a kilogram is based on a physical constant in quantum physics.
- Unlike the current definition of a kilogram, this measurement will never change.
- Scientists also voted to update the definitions of several other measurements in physics.
SMARTER FASTER trademarks owned by The Big Think, Inc. All rights reserved.