Byron Rashed, VP of Marketing at Centripetal Networks:
“Compromised credentials are the basis for a threat actor to perform network infiltration, data exfiltration, spoofing, account takeover, stolen PII, and various other malicious activities that can create huge risks for businesses and individuals. Most Internet users (consumers) do not have even a basic knowledge of what a compromised credential is, or the ramifications of having their credentials stolen.
“Most likely Google is obtaining these credentials from dumps that are readily available and most likely have been for sale or trade in the underground economy. The real challenge of mitigating risk with regard to compromised credentials is to obtain the list from the threat actor before it is available for sale or on dump sites that are public. Most compromised credential sites only deliver those credentials that are already available. However, there is value into that since the credential may not be leveraged by cybercriminals…yet, and the user most likely has no knowledge of this since most are unaware of compromised credentials and where to find them. Google is using Chrome, which is used ubiquitously by their users to deliver this warning.
“Privacy is an issue, these credentials must be stored somewhere and transmitted to the browser. Any time credentials or PII are stored, it will create a target for cybercriminals that have very complex tools to extract them. The security of these credential that Google has I’m sure will be tested since it’s “password compromised-based,” not the username, meaning the compromised password for that site is still using the compromised credential.”
To read more please visit information security buzz.
