Passwords: The Drug of Choice for Cyber Security Thieves

Passwords: The Drug of Choice for Cyber Security Thieves

Rush to steal passwords.

Last week, Experian announced that more than 12 million pieces of personal information were illegally traded online by identity thieves during the first four months of 2012, up from 9.5 million pieces illegally traded in all of 2010.

Cyber security risks are appalling, but unfortunately not surprising. This was the principal result of a survey Experian conducted of 2,000 British adults in June, combined with internal research completed by Experian Credit Expert. Willie Sutton, the famous bank robber, once replied when a reporter asked him why he robbed banks, “because that’s where the money is”. He went on to say that robbing banks gave him a “high”, it was his drug of choice. Cyber thieves are hooked on a similar addiction: passwords. Nine of ten pieces of data traded illegally were password and login combinations. Why? Because they act as gateways to enormous amounts of other information, such as address books and account numbers.

Experian’s survey also reported the average Briton has 26 online accounts, with those 25-34 the most prolific, managing an average of 40 accounts. And, this figure is predicted to grow; 17 percent anticipate signing up for six or more new accounts per month, exposing them further to IT cyber security risks and thieves chasing their password and login information.

To protect this abundance of accounts, the average Briton uses just five different passwords with 24 percent relying on a single password for the bulk of their profiles and four percent actually using the same login details for all accounts. As I mentioned in last week’s post, many people default to “123456” and “password” to protect their data. Scary indeed.

Many expose themselves to cyber security risks by failing to delete accounts they no longer use, leaving valuable personal data and financial information in accounts where the password and login have remained the same for an extended period. Two-thirds of survey respondents copped to having unused accounts online.

British consumers often find out their information is compromised when they are refused a loan or credit card, or when they are turned down for a cell phone contract.

Experian offers advice for protecting sensitive information from cyber security threats, all of which should be familiar to those who read Avatier blogs regularly. These include avoiding obvious passwords, such as our pet’s name; ensure passwords are at least eight characters in length; mix upper and lower case letters, numbers and symbols; create a system, such as basing passwords on lyrics to favorite songs; and keep an eye on credit reports.

Corporate, government, education and IT teams in other markets turn to our Password Station™ and Password Bouncer™ as a password management solution to protect the critical data within their organizations. Consumers in the U.K., U.S. and elsewhere should make the leap that if professional organizations go to great lengths to protect their critical data and reduce their cyber security risks. You should as well.

Top 10 Password Management Best Practices -- The proven working guide for successful implementation.Get Your Free Top 10 Password Management Best Practices Guide

Learn the Top 10 Password Management Best Practices for successful implementations from industry experts. Use this guide to sidestep the challenges that typically derail enterprise password management projects.

Request the Workbook

Written by Gary Thompson

Gary Thompson is a 35 year veteran of the PR industry. He was the president of Shandwick International, the world’s largest agency with 2000 people in 90 offices and 32 countries. A million mile flyer on both American and United, he got off the road at the “encouragement” of his wife. Four years ago, he founded his own firm, Clarity Communications, which counts Avatier as one its most successful clients.