科技创新!
Google releases its year
Hackers are constantly trying to break into Google accounts, so Google researchers spent a year tracing how hackers steal passwords and expose them on the internet's black market.
To gather hard evidence about the tools hackers use to swipe passwords, Google collaborated with University of California Berkeley cybersecurity experts to track activity on some of these markets. On Thursday, they published their results.
"There’s a lot of anecdotes about how accounts are being hijacked and we’re providing solid evidence about how this is going on in the wild," Google anti-abuse researcher Kurt Thomas told Mashable.
SEE ALSO: Google adds stronger security features for hacking targetsGoogle found that most passwords are obtained in two ways: deceptive e-mail phishing and "third-party breaches," such as hackers scraping passwords from a massive corporation like Equifax. In the year between March 2016 and 2017, Google found 12 million credentials (which are a combination of both usernames and passwords) obtained from phishing and a whopping 3.3 billion credentials swiped during third-party breaches.
The numbers are staggering because passwords are an attractive commodity — especially a Google account password that allows access to one's Gmail, Google Docs, Google Drive, and so on.
"It's the key to the kingdom," said Thomas. "Accounts are incredibly valuable to hijackers. There's an incredible effort they’re putting into getting access to your email."
"Passwords are no longer a paradigm that you can really trust in."
Although the study's stolen password numbers are massive, it's important to note that the research team was limited in scope, so these figures could be significantly higher; the team only collected information that was freely available on the web.
"A hijacker that doesn’t hold themselves to that standard can get a lot more," explained Thomas.
It's certainly not rare anymore for people to have their e-mail accounts hijacked by the web's malicious players. Google says that 15 percent of web users report having an account breached by hackers, although that number could certainly be much higher.
If passwords have so many enemies today — either through direct hacking or massive corporate data breaches — how do we battle these constant attempts at password theft?
Thomas emphasized using different passwords across sites, which many people know but simply disregard. Juggling passwords used to pretty inconvenient, but today there are reputable password managers. "Use a password manager," said Thomas, while also emphasizing Google's own security measures, such as Google's Security Check-up and having a phone number associated with your account — so Google can alert you of suspicious activity.
In short, meaningful password security — for Google accounts — is a collaborative effort between Google's behind-the-scene efforts to spot strange account activity and your own vigilance.
Take it from a cybersecurity expert: "Passwords are no longer a paradigm that you can really trust in," said Thomas.
Featured Video For You
Puerto Rico is recovering cell service... with balloons
文章
75
浏览
3
获赞
279
热门推荐
Best desktop companions to make working from home less lonely
Remember desktop pets? In the very early days of the web, they came in many forms (cats, ants, cockrTwitter returns to the Mac, but don't expect too much
The official Twitter app is once again available for the Mac.The company discontinued the app, whichJuno abruptly shut down and refers riders to Lyft
The clock is ticking to take your final Juno ride.The New York-only ride-sharing service announced MWhat Google revealed at its big event: Pixel 4, Nest Mini, and more
Googlefest 2019 was only short on surprises because we basically knew everything that was coming alrHTC launches Vive Sync beta, offers businesses free VR meetings
Hundreds of millions of people are taking online meetings from home due to the coronavirus lockdownsTrump's dead father mistake may be his most awkward moment this week
In any given week, President Donald Trump may have a dozen cringe-worthy moments. But an awkward encKiller Mike apologized after the NRA used his words to bash the March for Our Lives
It's probably not a surprise, but you shouldn't trust the NRA.Killer Mike, one half of popular rap gI shot hoops at the top of a high
I made a few baskets while shooting hoops at the side of a San Francisco high-rise. No, really, takeSophie Turner chugging wine on a Jumbotron is deeply inspiring
Game of Thronesstar Sophie Turner (also known as Sansa Stark) dabbed then chugged a glass of red winMacy's data breach sees customer payment details stolen
Macy's has revealed its website suffered a security breach for a week in October exposing the personTrump's dead father mistake may be his most awkward moment this week
In any given week, President Donald Trump may have a dozen cringe-worthy moments. But an awkward encYouTube rolls out big changes to its desktop homepage
YouTube is launching some major changes to its desktop homepage today.The biggest change is literallTwitter admits it went too far with '5G causes COVID
Even Twitter admits it was too heavy-handed with its misinformation labels for posts about COVID-19,The Trump administration is like middle school (with nuclear weapons)
Adolescence can last anywhere from three years to 65 -- at least in the case of the Trump administraHow to calm your nerves while watching the Olympics
Viewing the Winter Olympics is a deeply nerve-wracking experience.Yeah, yeah, it's worse for the ath