Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

4/17/2018
11:00 AM
Steve Zurier
Steve Zurier
Slideshows
Connect Directly
Twitter
RSS
E-Mail
100%
0%

8 Ways Hackers Monetize Stolen Data

Hackers are craftier than ever, pilfering PII piecemeal so bad actors can combine data to set up schemes to defraud medical practices, steal military secrets and hijack R&D product information.
Previous
1 of 9
Next

Image Source: Ginger_Cat via Shutterstock

Image Source: Ginger_Cat via Shutterstock

We are long past the era of the 14-year old teenage hacker trying to spoof a corporate or defense network for the fun of it, just because they can. While that still happens, it’s clear that hacking has become big business.

From China allegedly stealing billions of dollars annually in intellectual property to ransomware attacks estimated to top $5 billion in 2017, data breaches and the resulting cybercrime are keeping CISO and rank-and-file security managers on their toes.

Security teams need to be aware of the full range of what hackers do with this stolen data. The crimes range from stolen IP to filing fraudulent tax rebates to the IRS to setting up a phony medical practice to steal money from Medicare and Medicaid patients and providers.

"Hackers will often start by selling data on military or government accounts," says Mark Laliberte, an information security analyst at WatchGuard Technologies. "People are also bad at choosing passwords for individual services and often reuse passwords, which lets hackers try those passwords on the other websites their victims use."

Paul Calatayud, chief security officer, Americas, at Palo Alto Networks, says medical data has become especially vulnerable because many hospitals and medical practices use the same cloud-based ERP or human resources systems and hackers can piece together information and eventually enter a billing or patient information system.

For this slideshow, we explain how hackers monetize the stolen data. The following list is based on phone interviews with Laliberte and Calatayud.

 

Steve Zurier has more than 30 years of journalism and publishing experience, most of the last 24 of which were spent covering networking and security technology. Steve is based in Columbia, Md. View Full Bio

Previous
1 of 9
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
jeremy_wittkop
50%
50%
jeremy_wittkop,
User Rank: Author
4/27/2018 | 6:38:55 PM
Interesting Read
Interesting read. Some of the methods are well known, but there are others that are less apparent until you sit down and think about what could be done with the information being stolen. I think GDPR and other regulations around the world signify that consumers are waking up to the risks associated with thei personal data. The sun is setting on idea that once we give a company our information that they can keep it in perpetuity and sell it to whomever they choose and somehow it will remain safe as it propogates. With so many ways to capitalize on stolen information, it's no wonder why these things continue to happen.
bwagner62
50%
50%
bwagner62,
User Rank: Apprentice
4/23/2018 | 4:46:00 PM
Re: Informative story
More than once in this article, it is stated that users do not choose or create strong passwords and we all know why passwords are not strong, why they are used over and mishandled. But when will we (especially companies) figure out the investment in MFA pays off? So many companies do not want to make an investment in access control or they cheap out with a solution that requires accessing a third party vendor's network. I can only assume that it is more profitable to continue using passwords that we all know are weak.
szurier210
50%
50%
szurier210,
User Rank: Moderator
4/17/2018 | 1:56:46 PM
Re: Informative story
Thanks very much for your comments. Yes, I'm always very concerned that our seniors are vulnerable to hacking attacks and social scams over the phone as well. We do what we can to help people out. 
ChristianP468
50%
50%
ChristianP468,
User Rank: Apprentice
4/17/2018 | 1:44:07 PM
Informative story
This article is very informative and knowing what hackers do with stolen data can help prevent these types of attacks in the future. It is very interesting that hackers sales stolen data that no longer have any value. This set the point that once consumers have been noticed of data breaches that they should take them seriously and change all associated information. Now many companies will force a password change after a data breach (Bonnington, 2018). One thing that was pointed out was how thefts will target elders with small medical bills that elderly people would be most likely to pay.

 

Bonnington, C. (2018). The MyFitnessPal Hack Affects 150 Million Users. It Could've Been Even Worse.Slate Magazine. Retrieved 17 April 2018, from https://slate.com/technology/2018/03/myfitnesspal-hack-under-armour-data-breach.html
The Mainframe Is Seeing a Resurgence. Is Security Keeping Pace?
Ray Overby, Co-Founder & President at Key Resources, Inc.,  8/15/2019
The Flaw in Vulnerability Management: It's Time to Get Real
Jim Souders, Chief Executive Officer at Adaptiva,  8/15/2019
5 Ways to Improve the Patching Process
Kacy Zurkus, Contributing Writer,  8/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5638
PUBLISHED: 2019-08-21
Rapid7 Nexpose versions 6.5.50 and prior suffer from insufficient session expiration when an administrator performs a security relevant edit on an existing, logged on user. For example, if a user's password is changed by an administrator due to an otherwise unrelated credential leak, that user accou...
CVE-2019-6177
PUBLISHED: 2019-08-21
A vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer supported, could allow log files to be written to non-standard locations, potentially leading to privilege escalation. Lenovo ended support for Lenovo Solution Center and recommended that customers migrate to Le...
CVE-2019-10687
PUBLISHED: 2019-08-21
KBPublisher 6.0.2.1 has SQL Injection via the admin/index.php?module=report entry_id[0] parameter, the admin/index.php?module=log id parameter, or an index.php?View=print&id[]= request.
CVE-2019-11601
PUBLISHED: 2019-08-21
A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location.
CVE-2019-11602
PUBLISHED: 2019-08-21
Leakage of stack traces in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to gather information about the file system structure.