Annually around 1% of all websites get hacked

Scientists from the University of California San Diego developed a technology that potentially allows to determine the number of data breaches that remain unsolved and not reported to the general public. Researcher Joe DeBlasio together with his scientific advisor Alex Snoeren developed an instrument called Tripwire. It’s a program that automatically registers on websites and created a unique email address for each account. In addition, in all cases the same password is used. In case a third party accesses one of the accounts, a conclusion is made that this website suffered a breach. To ensure the validity of the experiment another 10 thousand addresses were registered using the same email service. They remain unused and serve as a control group. They will be able to prove that the leak came from the website and not email service.

Using Tripwire DeBlasio created accounts on other 2000 websites. He discovered that during the year 19 of them were breached. The number doesn’t seem so high, but if DeBlasio’s sample is representative it means that annually approximately 1 percent of all websites are breached. These are tens of millions of breaches, the majority of which remain unknown. The researcher has notified administrators of the 19 websites about recorded leaks and moved to the second phase of the experiment. This time Tripwire will register two accounts on each resource – with an easy and a difficult password. If both are hacked, this will mean that the website stored users’ password unencrypted.


source:  Technical Center of Internet

Back to the list