Kaspersky Lab Hacked: What Hope For the Rest of Us?

By

Usually when there's been some kind of major hacking, we get word from security firms like Kaspersky Lab and the like telling us about how important strong passwords are and how we need to rotate such passwords and other similar tips. But what happens when it's the security firms like Kaspersky Lab that get hacked? That's just what happened Wednesday.

While the Moscow-based Kaspersky Lab was quick to assure its customers that data was safe—reports suggest that the hackers didn't even target the user information, rather focusing on Kaspersky's internal systems and “intellectual property” storage—the fact that the company was successfully hacked at all raises distressing questions. Reports also note that the hole in Kaspersky's systems used to break into the operation in the first place had since been fixed.

Kaspersky Lab also noted that the hackers were “a generation ahead of anything seen,” and apparently focused on methods designed to exploit “zero-day vulnerabilities,” as in finding the things even the developers didn't know had gone wrong. Kaspersky wasn't naming names when it came to who it believed attacked, but suggested that a government was behind it due to the sheer costs of the infrastructure needed to stage such an attack.

But if Kaspersky Lab itself—whose tools are frequently used by companies who want to protect against such a fate—is hacked, then what hope do the rest of us have to remain safe from intrusion? Attacks are happening on a daily basis by some reports, and indeed, word from Verizon Enterprise Solutions estimates that there were 700 million compromised records from companies worldwide combining to make losses of $400 million total in just 2014. But the picture is likely even worse than that; Verizon Enterprise Solutions' study was reportedly based on 70 organizations that supply data for the study, so the actual losses of the other firms that exist and have suffered losses would likely make those totals soar.

via Shutterstock.com

There is, of course, one great point protecting most of us; most hacks are nowhere near this complex or aggressive. Most hacks seen by regular people are simple affairs that can often be turned away with a fairly decent password. The kinds of hackings seen by places like Kaspersky are huge affairs requiring ridiculous amounts of funding to carry off, something that's not going to be done by someone wanting access to a bank account that may contain four to five figures. Essentially, the hope that most of us have is that the return on investment isn't going to be sufficient; sure, if Kaspersky can be broken, anyone can be broken, but look at what it would take. A person could invest in a great security system only to discover that a particularly ambitious thief took a chainsaw to the side of the house.

In a way, none of us are ever safe. But thieves are no different from any other business in one particular point: thieves must be profitable to survive, and no thief will survive long using Kaspersky-grade methods to break into a PayPal account. So the normal protection methods will likely be proof against the normal attacks, and most of us can sleep soundly at night knowing we probably won't be hacked by a government sufficiently ambitious to attempt to break into an operation like Kaspersky.




Edited by Stefania Viscusi
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

Contributing TechZone360 Writer

SHARE THIS ARTICLE
Related Articles

Can Science Outsmart Deepfake Deceivers? Klick Labs Proposes an Emerging Solution

By: Alex Passett    3/25/2024

Researchers at Klick Labs were able to identify audio deepfakes from authentic audio recordings via new vocal biomarker technology (alongside AI model…

Read More

Top 5 Best Ways to Integrate Technology for Successful Project-Based Learning

By: Contributing Writer    3/19/2024

Project-based learning, also popularly known as the PBL curriculum, emphasizes using and integrating technology with classroom teaching. This approach…

Read More

How to Protect Your Website From LDAP Injection Attacks

By: Contributing Writer    3/12/2024

Prevent LDAP injection attacks with regular testing, limiting access privileges, sanitizing user input, and applying the proper encoding functions.

Read More

Azure Cost Optimization: 5 Things You Can Do to Save on Azure

By: Contributing Writer    3/7/2024

Azure cost optimization is the process of managing and reducing the overall cost of using Azure. It involves understanding the resources you're using,…

Read More

Massive Meta Apps and Services Outage Impacts Users Worldwide

By: Alex Passett    3/5/2024

Meta's suite of apps and services are experiencing major global outages on Super Tuesday 2024.

Read More