Account Hijacking – A Persistent Threat

What is Account Hijacking?

Account hijacking occurs when an individual or organization gains unlawful access to someone else’s account. Accounts range from email, social media and banking to (non-)proprietary software, the cloud and many more. These schemes can often lead to identity theft, IP theft, account takeover, resale of information and other illegal activities with the potential for incalculable damage to the individual, organization and society. Depending on the system, the user and the malicious actor’s activities, it can take days, months and even years for the threat to be discovered and even longer for changes to be enacted.

Some Types of Account Hijacking

               Credential Stuffing: Uses lists of account credentials exposed in previous breaches to attempt to log in to someone’s account elsewhere. It relies on the assumption that many people tend to use the same passwords in multiple environments.

               Phishing: A type of attack in which malefactors often use social engineering to convince or lead victims to relinquish sensitive information. Some examples are:

  • Hijacking via fake website login authentication
  • Hijacking via website malware
  • Hijacking via malware advertisement added to legitimate websites

               There are numerous ways in which accounts are being hijacked in today’s environment and unfortunately, the vectors keep increasing daily.
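
The credential stuffing pattern described above can be spotted in login logs. The following is an added example, not part of the original article: it labels each source address from constructed sample events, and the thresholds, field layout and function names are assumptions chosen for illustration.

```python
from collections import defaultdict

# Constructed sample events (source_ip, username, outcome); all values invented.
SAMPLE_EVENTS = (
    [("203.0.113.7", f"user{i}@example.com", "fail") for i in range(30)]
    + [("203.0.113.7", "user30@example.com", "success")]
    + [("198.51.100.4", "alice@example.com", "fail")] * 12
    + [("192.0.2.10", "bob@example.com", "fail"),
       ("192.0.2.10", "bob@example.com", "success")]
)

def classify_sources(events, min_attempts=10, min_fail_rate=0.9, spread=0.8):
    """Label each source IP from its login pattern (thresholds are assumed).
    Credential stuffing tries each leaked username/password pair once, so a
    source shows many distinct usernames, about one attempt each, and mostly
    failures. Password guessing against one account shows the opposite spread.
    """
    attempts, failures = defaultdict(int), defaultdict(int)
    users, successes = defaultdict(set), defaultdict(set)
    for ip, user, outcome in events:
        attempts[ip] += 1
        users[ip].add(user)
        if outcome == "fail":
            failures[ip] += 1
        else:
            successes[ip].add(user)
    report = {}
    for ip, total in attempts.items():
        if total < min_attempts or failures[ip] / total < min_fail_rate:
            label = "normal"
        elif len(users[ip]) / total >= spread:
            label = "credential_stuffing"
        else:
            label = "brute_force"
        report[ip] = {"label": label, "attempts": total,
                      "distinct_users": len(users[ip]),
                      "successes": sorted(successes[ip])}
    return report

def accounts_to_reset(report):
    """Accounts that logged in successfully from a stuffing source: the reused
    password worked, so these need a forced reset and session revocation."""
    return sorted({user for r in report.values()
                   if r["label"] == "credential_stuffing"
                   for user in r["successes"]})

if __name__ == "__main__":
    report = classify_sources(SAMPLE_EVENTS)
    print(report, accounts_to_reset(report))
```

Real traffic is usually spread over many source addresses, so the same counting is often repeated per network range or per client fingerprint rather than per single IP.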

Recent Cases of Account Hijacking

  • Twitter, a major social media platform, faced an unprecedented number of account hijacks affecting some of its most well-known users. Among the prominent targets were Jeff Bezos, Bill Gates, Elon Musk, Kanye West, Kim Kardashian West and companies such as Apple and Uber (BBC). Hijackers attempted to use these accounts to scam victims for money. Within the short period in which the hijack took place, it was estimated that over $100,000 USD were diverted (BBC). As of July 16, 2020, Twitter estimated that around 130 accounts were targeted (Twitter).

  • Previously, a Twitter account belonging to the prominent organization Associated Press was hijacked and used to tweet fake news regarding an explosion at the White House. This led to a brief spike in the financial market that shed over $136.5 billion in the S&P 500 Index (Reuters).
  • Steam, a major digital distribution service, estimated in 2015 that over 77,000 user accounts were being hijacked every month.
  • Zoom, a video conferencing and communications technology platform, had over 500,000 user accounts hijacked and sold on the dark web (Forbes).

What do hackers do with an account once it is hijacked?

        Accounts are often seen as the entrance point to access someone’s data. Since data is perceived to be the gold of the 21st century, many opportunists will go to great lengths to gain access to it. Once access is granted, hackers may be able to:

  • Extract individual’s personal information.
  • Extract organization’s information.
  • Use it as a conduit to attack other targets.
  • Use gathered information to extort money and favors.
  • Use it to gain access to other accounts associated with the hijacked account.
  • Use it to illegally purchase goods and services.
  • Impersonation.
  • Vandalism.
  • Cyberterrorism.

Steps to Limiting the Risk of Account Hijacking

               The cyberworld can seem like a scary, lawless place. However, when someone takes ownership of their cyber hygiene, account hijacking becomes a less common occurrence.

               Cyber security as it relates to account hijacking continues to be an ever-growing challenge to individuals and organizations alike. To help improve one’s cyber hygiene, GPetrium created a short list of actions everyone should take:

  • Enhanced Password Protection: Make the password for each of your accounts unique, with at least 12 characters and a combination of letters, numbers and symbols. For example: M_3nt00sRn&S. Since it can be difficult to remember all passwords, some may benefit from the use of a password manager such as 1Password, KeePass or LastPass.
  • Cyber-safety from Within: Use only software, hardware, networks and communication technologies that are considered to be safe in their respective marketplaces. That includes taking steps such as:
    • Limit the use of sensitive accounts on open Wi-Fi and unsafe networks. Preferably, refrain from using said networks.
    • Build cloud technology partnerships with established/trusted providers while limiting the amount of highly sensitive material stored there.
    • Stick to trusted websites that preferably use HTTPS.
    • Take steps to ensure that the environment’s settings (e.g. computers, networks, software) are configured to follow organizational guidelines or general guidelines.
    • Do not plug unknown external hardware devices (e.g. USB) into personal or organizational systems.
    • Do not open attachments or click links that are considered suspicious or from an unknown sender.
    • Build a cybersecurity apparatus to support the monitoring of unusual activities when viable.
    • Provide staff and contractor training on cyber-security related matters to help enhance security.
    • Do not leave electronics unattended. At times when this is not an option, take steps to block unauthorized access (e.g. cable lock, security lock, Windows: Windows key+L; Mac: Command+Shift+Q) to laptops or servers.
    • Keep relevant software and hardware consistently updated.
    • Install a well-respected anti-virus to help create an extra layer of security. It is worth noting that some professionals believe that anti-virus software can be a risk to the computer, so remember to consider the reason that one may need it. Some organizations are required by their insurance to have anti-virus software beyond the built-in malware detection (e.g. Windows Defender) installed on all their computers.
    • Check the state of your major accounts regularly to see if there have been irregular activities.
    • From a financial perspective, check your credit report at least once a year.

Conclusion

               As society becomes more advanced, technology will continue to become more complex and intertwined with the digital world. Further, given the continuous increase in the number of active users around the world, it can only be expected that cybercrime will continue to grow and evolve. It is in the hands of every individual and organization to continue to learn about cybersecurity and take proactive steps to limit their exposure, which will ensure lower levels of disruption and continuous prosperity.

The opinions in this article are those of the authors and do not reflect clients’ or others’ views.
