One per cent of sites hacked

Written by Mark Evans

A tool that detects when a website has been hacked by monitoring the activity of related email accounts has been created by researchers at the Jacobs School of Engineering at the University of California San Diego.

The researchers were surprised to find that almost 1 per cent of the websites they tested had suffered a data breach during their 18-month study period, regardless of the size of the companies' reach and audience.

“No one is above this—companies or nation states—it’s going to happen; it’s just a question of when,” said Alex C. Snoeren, the paper’s senior author.

The concept behind the tool, called Tripwire, is relatively simple: a bot registers and creates accounts on a large number of websites. Each account is associated with a unique email address. The tool was designed to use the same password for the email account and the website account associated with that email. Researchers then waited to see if an outside party used the password to access the email account. This would indicate that the website’s account information had been leaked.
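The correlation step described above can be sketched as follows. This is an added example, not the researchers' code: the addresses, site names, log format and the allow-list of the operators' own IPs are assumptions constructed for illustration.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime

# Constructed registry: each honey email address was registered at exactly one site,
# so a login to the mailbox points back to a single website.
REGISTRY = {
    "u7f3a@mail.example": "shop.example",
    "k92bd@mail.example": "forum.example",
    "q01xe@mail.example": "news.example",
}

# Assumption: the operators' own monitoring hosts; their logins are not evidence of a leak.
OWN_IPS = {"192.0.2.10"}

# Constructed email-provider login log: timestamp,account,source_ip,result
LOGIN_LOG = """\
2017-03-01T08:00:00,u7f3a@mail.example,192.0.2.10,success
2017-03-04T02:14:09,k92bd@mail.example,198.51.100.23,success
2017-03-04T02:15:40,k92bd@mail.example,203.0.113.77,success
2017-03-05T11:30:00,q01xe@mail.example,203.0.113.5,failure
2017-03-06T19:02:11,zz999@mail.example,203.0.113.5,success
"""

def detect_breaches(log_text, registry=REGISTRY, own_ips=OWN_IPS):
    """Return {site: {"first_seen": datetime, "source_ips": set, "logins": int}}."""
    findings = defaultdict(lambda: {"first_seen": None, "source_ips": set(), "logins": 0})
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 4:
            continue  # skip blank or malformed lines
        ts, account, ip, result = (field.strip() for field in row)
        site = registry.get(account.lower())
        # Only a successful outside login shows the shared password was known;
        # failed attempts and unregistered mailboxes say nothing about a site.
        if site is None or result != "success" or ip in own_ips:
            continue
        when = datetime.fromisoformat(ts)
        entry = findings[site]
        if entry["first_seen"] is None or when < entry["first_seen"]:
            entry["first_seen"] = when
        entry["source_ips"].add(ip)
        entry["logins"] += 1
    return dict(findings)

if __name__ == "__main__":
    for site, info in sorted(detect_breaches(LOGIN_LOG).items()):
        print(site, info["first_seen"].isoformat(), info["logins"], sorted(info["source_ips"]))
```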

When applied to the real world, the team found that very few of the breached accounts were used to send spam once they became vulnerable. Instead, the hackers usually just monitored email traffic, leading the team to suspect that they were watching emails to harvest valuable information, such as bank and credit card accounts.
