Dresner Group Blog
What a Recent Bank Leak Should Tell Us About the Dark Web
There are a lot of ways that our language represents our collective trust of banks. Why else would we use idioms to claim that someone’s statements are trustworthy that say that one can “bank on it” or “take that to the bank”? Unfortunately, this trust isn’t always completely justified, as a recent discovery of 24 million banking documents proves.
An independent security researcher named Bob Diachenko discovered the cache online. Saved in an Elasticsearch server, these documents were a collection of OCR (or optical character recognition) files. These files had data from throughout the last decade, outlining mortgage and loan agreements, tax documents, and other sensitive financial documents.
Naturally, it should be clear that a database containing such a large collection of data should at least be password protected. This one was not.
As a result, 1.3 gigabytes were left exposed, allowing potentially anyone to peruse the 24 million documents (including names, addresses, birth dates, Social Security numbers, pretty much everything needed to commit various financial crimes), just so long as they could find the server.
These digital reproductions were ultimately linked back to a Fort Worth company that provides the financial industry with assorted data services. The company, Ascension Data & Analytics, quickly passed the buck to one of its vendors, document management startup OpticsML. However, Diachenko was also able to find the original data saved in an Amazon S3 storage server…once again, NO password to protect it. This would allow anyone who happened to guess the right web address to access and download these sensitive documents.
Worse, these servers will default to be private and not web-accessible. So, these files were left accessible by choice.
Once this was discovered, there were attempts to reach out to OpticsML. Despite their website being taken down and their phone number disconnected, an email made its way to the company’s chief executive, and the data was then secured. Affected customers are to be notified, and the incident reported to New York state regulators.
While there is bound to be more to this story, let’s focus on the real lesson here: it is critical that a business not only diligently secures its data, but that it also has the means to identify when its data has been breached.
We offer a wide variety of security services to help you keep your business’ data secure. However, the most important method to keep unwanted entities out of your network is also one of the most simple concepts in information technology: having sufficient passwords protecting you.
As reviewed above, Diachenko was able to locate a massive amount of data, left unprotected. For a moment, let’s assume that he wasn’t a security researcher, and instead wanted to steal this data for his own malicious purposes. Just imagine, all that data, available for the taking - think of the damage that could be caused if that data was to have been leaked (assuming it hadn’t been already).
This is just one of many reasons that passwords are so crucial to the success of so many businesses. Without them, you have no means of controlling who has access to your data.
As a result, you need to make sure that any sensitive data or files your organization has are only accessible via a password - and not just any password. Your passwords need to reflect industry best practices, including:
- Using a mixture of alphanumeric characters and symbols.
- Avoiding common phrases or words, random sequences or passphrases being preferable.
- Remaining a “need-to-know” asset, reducing the likelihood of someone external to the organization (or even is in the organization, but has no reason to access a given resource) can access the contents that the password was protecting.
Unfortunately, when data like this is breached, it is generally made available on something called the Dark Web, inside the Deep Web. Stay tuned for our next blog, where we’ll discuss the different levels of the Internet… it’s much bigger than you’d think.
To learn more about keeping your data safe, reach out to us at 410-531-6727.