immutable truths of data breaches — Krebs on Security

About the Author

Advertising/Speaking

Posts Tagged: immutable truths of data breaches

Other — 57 Comments
9
Jan 17

Krebs’s Immutable Truths About Data Breaches

I’ve had several requests for a fresh blog post to excerpt something that got crammed into the corner of a lengthy story published here Sunday: A list of immutable truths about data breaches, cybersecurity and the consequences of inaction.

Here’s the excerpt requested from yesterday’s story:

coecopy “There are some fairly simple, immutable truths that each of us should keep in mind, truths that apply equally to political parties, organizations and corporations alike:

-If you connect it to the Internet, someone will try to hack it.

-If what you put on the Internet has value, someone will invest time and effort to steal it.

-Even if what is stolen does not have immediate value to the thief, he can easily find buyers for it.

-The price he secures for it will almost certainly be a tiny slice of its true worth to the victim.

-Organizations and individuals unwilling to spend a small fraction of what those assets are worth to secure them against cybercrooks can expect to eventually be relieved of said assets.”

They may not be complete, but as a set of truisms these tenets probably will age pretty well. After all, taken as a whole they are practically a model Cybercriminal Code of Ethics, or a cybercrook’s social contract. Continue reading →

My New Book!

A New York Times Bestseller!
Recent Posts
- What You Should Know About the ‘KRACK’ WiFi Security Weakness
- Krebs Given ISSA’s ‘President’s Award’
- Equifax Credit Assistance Site Served Spyware
- Hyatt Hotels Suffers 2nd Card Breach in 2 Years
- Microsoft’s October Patch Batch Fixes 62 Flaws
Subscribe by email

Please use your primary mailbox address, not a forwarded address.
Your email:
All About Skimmers

Click image for my skimmer series.
The Value of a Hacked PC

Badguy uses for your PC
Tools for a Safer PC

Tools for a Safer PC
The Pharma Wars

Spammers Duke it Out
Badguy Uses for Your Email

Your email account may be worth far more than you imagine.
eBanking Best Practices

eBanking Best Practices for Businesses
Most Popular Posts
- Online Cheating Site AshleyMadison Hacked (798)
- Sources: Target Investigating Data Breach (620)
- Cards Stolen in Target Breach Flood Underground Markets (445)
- Reports: Liberty Reserve Founder Arrested, Site Shuttered (416)
- Was the Ashley Madison Database Leaked? (376)
- True Goodbye: 'Using TrueCrypt Is Not Secure' (363)
- Who Hacked Ashley Madison? (361)
- Following the Money, ePassporte Edition (353)
- U.S. Government Seizes LibertyReserve.com (315)
- Extortionists Target Ashley Madison Users (310)
Category: Web Fraud 2.0

Innovations from the Underground
ID Protection Services Examined
Is Antivirus Dead?

The reasons for its decline
The Growing Tax Fraud Menace

File 'em Before the Bad Guys Can
Inside a Carding Shop

A crash course in carding.
Beware Social Security Fraud

Sign up, or Be Signed Up!
How Was Your Card Stolen?

Finding out is not so easy.
Krebs’s 3 Rules…

...For Online Safety.