immutable truths of data breaches — Krebs on Security

About the Author

Advertising/Speaking

Posts Tagged: immutable truths of data breaches

Other — 57 Comments
9
Jan 17

Krebs’s Immutable Truths About Data Breaches

I’ve had several requests for a fresh blog post to excerpt something that got crammed into the corner of a lengthy story published here Sunday: A list of immutable truths about data breaches, cybersecurity and the consequences of inaction.

Here’s the excerpt requested from yesterday’s story:

coecopy “There are some fairly simple, immutable truths that each of us should keep in mind, truths that apply equally to political parties, organizations and corporations alike:

-If you connect it to the Internet, someone will try to hack it.

-If what you put on the Internet has value, someone will invest time and effort to steal it.

-Even if what is stolen does not have immediate value to the thief, he can easily find buyers for it.

-The price he secures for it will almost certainly be a tiny slice of its true worth to the victim.

-Organizations and individuals unwilling to spend a small fraction of what those assets are worth to secure them against cybercrooks can expect to eventually be relieved of said assets.”

They may not be complete, but as a set of truisms these tenets probably will age pretty well. After all, taken as a whole they are practically a model Cybercriminal Code of Ethics, or a cybercrook’s social contract. Continue reading →

My New Book!

A New York Times Bestseller!
Recent Posts
- Carbon Emissions: Oversharing Bug Puts Security Vendor Back in Spotlight
- Blowing the Whistle on Bad Attribution
- Beware of Security by Press Release
- Alleged vDOS Operators Arrested, Charged
- Critical Security Fixes from Adobe, Microsoft
Subscribe by email

Please use your primary mailbox address, not a forwarded address.
Leave Blank:Do Not Change:
Your email:
All About Skimmers

Click image for my skimmer series.
The Value of a Hacked PC

Badguy uses for your PC
Tools for a Safer PC

Tools for a Safer PC
The Pharma Wars

Spammers Duke it Out
Badguy Uses for Your Email

Your email account may be worth far more than you imagine.
eBanking Best Practices

eBanking Best Practices for Businesses
Most Popular Posts
- Online Cheating Site AshleyMadison Hacked (798)
- Sources: Target Investigating Data Breach (620)
- Cards Stolen in Target Breach Flood Underground Markets (445)
- Reports: Liberty Reserve Founder Arrested, Site Shuttered (416)
- Was the Ashley Madison Database Leaked? (376)
- True Goodbye: 'Using TrueCrypt Is Not Secure' (363)
- Who Hacked Ashley Madison? (360)
- Following the Money, ePassporte Edition (353)
- U.S. Government Seizes LibertyReserve.com (315)
- Extortionists Target Ashley Madison Users (310)
Category: Web Fraud 2.0

Innovations from the Underground
ID Protection Services Examined
Is Antivirus Dead?

The reasons for its decline
The Growing Tax Fraud Menace

File 'em Before the Bad Guys Can
Inside a Carding Shop

A crash course in carding.
Beware Social Security Fraud

Sign up, or Be Signed Up!
How Was Your Card Stolen?

Finding out is not so easy.
Krebs’s 3 Rules…

...For Online Safety.