According to a somewhat self-congratulatory update Google posted
earlier today, it’s getting significantly harder for hackers to successfully
compromise its users’ accounts. Google says it has “dramatically reduced the
number of compromised accounts by 99.7 percent since the peak of these
hijacking attempts in 2011.”
As spam
filters improved, Google writes, spammers learned around 2010 that the only way
to get past these barriers was to use real accounts that users would trust and
this meant hacking into existing accounts to send spam from them. Now, using
data available on the black market, Google writes, the company regularly sees
these kinds of attacks, including, for example, “a single attacker using stolen
passwords to attempt to break into a million different Google accounts every
single day, for weeks at a time.”
“WE’VE SEEN A SINGLE ATTACKER USING STOLEN PASSWORDS TO ATTEMPT TO BREAK
INTO A MILLION DIFFERENT GOOGLE ACCOUNTS EVERY SINGLE DAY, FOR WEEKS AT A
TIME.”
Once Google realized this was becoming a major issue, it beefed up its
security efforts and now performs a “complex risk analysis” every single time
somebody logs in to its systems. The company says it evaluates over 120
variables for every login and then decides whether to prompt a user for extra
information like the user’s phone number before completing the login.
Google recommends that its users enable extra security features like its 2-factor authentication system and choose strong passwords. Most people,
of course, don’t really do this, so chances are there will always be some
accounts that will remain vulnerable to account hijacking. [TechCrunch]
You can follow me on Twitter, add me to your
circles on Google+ or Subscribe to
me on facebook or YouTube. You can also
check my website and blog to keep yourself
updated with what is happening in the ever changing world of technology
No comments:
Post a Comment