Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

4/17/2018
11:00 AM
Steve Zurier
Steve Zurier
Slideshows
Connect Directly
Twitter
RSS
E-Mail
100%
0%

8 Ways Hackers Monetize Stolen Data

Hackers are craftier than ever, pilfering PII piecemeal so bad actors can combine data to set up schemes to defraud medical practices, steal military secrets and hijack R&D product information.
Previous
1 of 9
Next

We are long past the era of the 14-year old teenage hacker trying to spoof a corporate or defense network for the fun of it, just because they can. While that still happens, it’s clear that hacking has become big business.

From China allegedly stealing billions of dollars annually in intellectual property to ransomware attacks estimated to top $5 billion in 2017, data breaches and the resulting cybercrime are keeping CISO and rank-and-file security managers on their toes.

Security teams need to be aware of the full range of what hackers do with this stolen data. The crimes range from stolen IP to filing fraudulent tax rebates to the IRS to setting up a phony medical practice to steal money from Medicare and Medicaid patients and providers.

"Hackers will often start by selling data on military or government accounts," says Mark Laliberte, an information security analyst at WatchGuard Technologies. "People are also bad at choosing passwords for individual services and often reuse passwords, which lets hackers try those passwords on the other websites their victims use."

Paul Calatayud, chief security officer, Americas, at Palo Alto Networks, says medical data has become especially vulnerable because many hospitals and medical practices use the same cloud-based ERP or human resources systems and hackers can piece together information and eventually enter a billing or patient information system.

For this slideshow, we explain how hackers monetize the stolen data. The following list is based on phone interviews with Laliberte and Calatayud.

 

Steve Zurier has more than 30 years of journalism and publishing experience and has covered networking, security, and IT as a writer and editor since 1992. Steve is based in Columbia, Md. View Full Bio
 

Recommended Reading:

Previous
1 of 9
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
jeremy_wittkop
50%
50%
jeremy_wittkop,
User Rank: Author
4/27/2018 | 6:38:55 PM
Interesting Read
Interesting read. Some of the methods are well known, but there are others that are less apparent until you sit down and think about what could be done with the information being stolen. I think GDPR and other regulations around the world signify that consumers are waking up to the risks associated with thei personal data. The sun is setting on idea that once we give a company our information that they can keep it in perpetuity and sell it to whomever they choose and somehow it will remain safe as it propogates. With so many ways to capitalize on stolen information, it's no wonder why these things continue to happen.
bwagner62
50%
50%
bwagner62,
User Rank: Apprentice
4/23/2018 | 4:46:00 PM
Re: Informative story
More than once in this article, it is stated that users do not choose or create strong passwords and we all know why passwords are not strong, why they are used over and mishandled. But when will we (especially companies) figure out the investment in MFA pays off? So many companies do not want to make an investment in access control or they cheap out with a solution that requires accessing a third party vendor's network. I can only assume that it is more profitable to continue using passwords that we all know are weak.
szurier210
50%
50%
szurier210,
User Rank: Moderator
4/17/2018 | 1:56:46 PM
Re: Informative story
Thanks very much for your comments. Yes, I'm always very concerned that our seniors are vulnerable to hacking attacks and social scams over the phone as well. We do what we can to help people out. 
ChristianP468
50%
50%
ChristianP468,
User Rank: Apprentice
4/17/2018 | 1:44:07 PM
Informative story
This article is very informative and knowing what hackers do with stolen data can help prevent these types of attacks in the future. It is very interesting that hackers sales stolen data that no longer have any value. This set the point that once consumers have been noticed of data breaches that they should take them seriously and change all associated information. Now many companies will force a password change after a data breach (Bonnington, 2018). One thing that was pointed out was how thefts will target elders with small medical bills that elderly people would be most likely to pay.

 

Bonnington, C. (2018). The MyFitnessPal Hack Affects 150 Million Users. It Could've Been Even Worse.Slate Magazine. Retrieved 17 April 2018, from https://slate.com/technology/2018/03/myfitnesspal-hack-under-armour-data-breach.html
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: We need more votes, check the obituaries.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-4889
PUBLISHED: 2021-01-26
IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190971.
CVE-2020-4949
PUBLISHED: 2021-01-26
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 192025.
CVE-2021-21275
PUBLISHED: 2021-01-25
The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by making use of Medi...
CVE-2021-21272
PUBLISHED: 2021-01-25
ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature allows the ...
CVE-2021-23901
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...