Digital Shadows announced new capabilities within its SearchLight
solution to enable organizations to track whether credentials exposed in data
breaches are ‘valid' and hence a current risk. The near real-time credential
alert uses the Digital Shadows database of some 15 billion breached credentials
and maintains a history of whether credentials (usernames and passwords) have
been seen before or previously remediated so that organizations can see
instantly whether they can still be exploited by criminals to infiltrate
accounts and systems.
Last week, Digital Shadows revealed that it has alerted clients to
27.3 million username and password combinations in the last 18 months. It also
warned that access to organizations' key systems trade at a significant
premium. Usernames with "invoice" or "invoices" as well as "payments" and
"partners" are actively sought by cyber criminals. Domain admin access is currently
advertised by cyber criminals with prices ranging from $500 to $120,000.
Digital Shadows SearchLight has the
most comprehensive collection mechanism in the market to combat
this threat, continuously searching across criminal forums, paste sites, dark
web pages, and code-sharing sites. This has detected more than 15 billion
credentials to date, and this number continues to rise. Given credential
breaches are common and password reuse is rife, often organizations lack
visibility of who has been impacted - and the extent of the impact this has on
the business.
The new service is designed to help
organizations solve this challenge by enabling them to:
- Triage quicker: reused credentials will not be raised as
new alerts. Instead, if the same credential pair is detected on a new source,
the alert is updated with the source details.
- Automatically reject invalid credentials based on
specified email and password formats
- Deeper historical context via a timeline viewer
- Better reporting - gain a macro-level picture of the
number of employees involved in a breach.
Russell Bentley, VP Product at Digital
Shadows comments: "Managing data breach volumes is time consuming given the
huge amount of breached credentials out there. Organizations often struggle to
determine which credentials are historic and may no longer represent a danger
to them and those that are a clear and present danger. SearchLight's new
credential alert removes the time spent triaging invalid or duplicate
credentials enabling organizations to stay on top of this issue in real time."