Businesses need to wake up and smell the hackers

eBay is just one target of cybercriminals who cost the global economy $300bn a year

Know you should change your password but can't be bothered? Your inertia may be stirred. The hacking of between 120 million and 145 million eBay accounts, revealed this week, is the latest in a series of huge data leaks to have hit corporate giants.

The leaking of 40 million of its customers' credit card details cost the chief executive of the US retailer Target, Gregg Steinhafel, his job earlier this month and has dented company performance. The US department store group Neiman Marcus, British grocer Morrisons and the social network LinkedIn have also been hit by large-scale data breaches as their goldmines of customer details have been drained, causing corporate humiliation. From "spear phishing" to "sprite" hacks, the types of data breaches are becoming more frequent and more varied.

The perpetrators of the attack on eBay are yet to be discovered but the auction site said criminals elicited customers' names, encrypted passwords, email addresses, physical addresses, phone numbers and dates of birth. It may not seem greatly sensitive but could equate to a mortgage being taken out in your name or your identity being used to commit crime.

Although no financial information was involved, fears are rising that the data could be used in conjunction with information from other hacks – traded on the black market – to build a detailed profile of a victim. Customers have been told to change their password urgently as the hack actually occurred three months ago.

In the meantime, the impact of the Heartbleed bug – thought to have hit 17 per cent of the internet's secure servers – has come to light. Although it is unlikely to be connected to the eBay attack, it heightens the sense that online security is looking shaky.

Reports suggest that eBay users rushing to change their password have swamped the site. "Even if every hacked user changed their password, that would still take six days and many have been unable to change them," says Ian Shaw, managing director of the consultant MWR InfoSecurity.

The cost of hacking to businesses worldwide is escalating. A report on cyber crime and espionage by the Center for Strategic and International Studies in Washington last year estimated that it costs the global economy $300bn (£180bn) a year. An industry is growing around hacking. Research by the accountancy firm PwC shows cyber insurance is the fastest-growing speciality cover ever – worth around $1.3bn a year in the US and anywhere between £50m and £130m in the EU.

The seismic ripples of hacks will have struck fear into the hearts of those in charge of protecting priceless data in large financial institutions. The Financial Policy Committee, the regulator, has recommended that additional studies are made of cyber crime.

In November, the Bank of England told banks to strengthen their defences against online saboteurs and invited 100 bankers, regulators and government officials to take part in a "war game" simulation dubbed "Waking Shark 11' in the City.

Hackers are also raising their profile. Large-scale organisations including Anonymous and the Syrian Electronic Army have become global names and, in the latter's case, fed off the recession in hitting out at large corporate organisations online. However, big companies are also often being outsmarted by small, organised gangs, causing further embarrassment.

On the surface, companies appear remarkably vulnerable to attacks. EBay said its systems were infiltrated via the accounts of a "small number of employee log-in credentials", from which hackers could gain access to an entire database.

"It's like saying 'I'm a little bit pregnant'," said Andrew France, chief executive of the cyber defence company Darktrace. "If the accounts hacked are the chief technology officer or chief executive then the information could be vital."

Businesses are even more vulnerable when suffering deliberate data leaks. In March, the details of thousands of Morrisons' customers were leaked online and to a local newspaper by a disenchanted employee who had legitimate access to the data. "That was a malicious case but often employees are just ignorant about how systems work," says Mr France. "Security needs to spot unusual behaviour, deliberate or otherwise."

The huge eBay security breach also raises a question over public communications as the attack dated back to February. David Emm, a senior researcher at the internet security firm Kaspersky Lab, said: "While it might seem as though eBay has been slow to respond, if the company has only just discovered the full extent of the attack it is now doing the right thing by notifying customers in a timely manner."

Cyber crime seems as if it is inexorably on the up, as does the cost of preventing it. However, if large companies and consumer alike are to prevent it, decisive and frequent action will need to be taken quickly before bank accounts are drained. The latest swathe of hacks may just spark a few more sceptics into action.

Need to know: What to do to stop the hackers

"Change your password, change your password, change your password," says Andrew France at Darktrace. "I know it's a pain but change it every month, use upper and lower case letters and different numbers. It's the only absolute way to avoid hacking."

Brian Krebs, who writes the blog Krebs on Security, which exposed the Target data breach, also advises changing all passwords, but adds: "Be extra wary of phishing emails that spoof eBay and PayPal and ask you to click on some link or download some security tool; attackers are likely to capitalise on this incident to spread malware and to hijack accounts."

A 1930 image of the Karl Albrecht Spiritousen and Lebensmittel shop, Essen. The shop was opened by Karl and Theo Albrecht’s mother; the brothers later founded Aldi
Lane Del Rey performing on the Pyramid Stage at Glastonbury 2014
people... but none of them helped me get a record deal, insists Lana Del Rey
Life and Style
fashion Designs are part of feminist art project by a British student
Arts and Entertainment
Dwayne 'The Rock' Johnson stars in Hercules
filmReview: The Rock is a muscular Davy Crockett in this preposterous film, says Geoffrey Macnab
Arts and Entertainment
British author Howard Jacobson has been long-listed for the Man Booker Prize
Life and Style
Arts and Entertainment
Standing the test of time: Michael J Fox and Christopher Lloyd in 'Back to the Future'
filmA cult movie event aims to immerse audiences of 80,000 in ‘Back to the Future’. But has it lost its magic?
Louis van Gaal watches over Nani
Arts and Entertainment
Flora Spencer-Longhurst as Lavinia, William Houston as Titus Andronicus and Dyfan Dwyfor as Lucius
theatreThe Shakespeare play that proved too much for more than 100 people
exclusivePunk icon Viv Albertine on Sid Vicious, complacent white men, and why free love led to rape
New Real Madrid signing James Rodríguez with club president Florentino Perez
transfersColombian World Cup star completes £63m move to Spain
ebookA unique anthology of reporting and analysis of a crucial period of history
Arts and Entertainment
Stir crazy: Noel Fielding in 'Luxury Comedy 2: Tales from Painted Hawaii'
comedyAs ‘Luxury Comedy’ returns, Noel Fielding on why mainstream success scares him and what the future holds for 'The Boosh'
Life and Style
Flow chart: Karl Landsteiner discovered blood types in 1900, yet scientists have still not come up with an explanation for their existence
lifeAll of us have one. Yet even now, it’s a matter of debate what they’re for
Arts and Entertainment
'Weird Al' Yankovic, or Alfred Matthew, at the 2014 Los Angeles Film Festival Screening of
musicHis latest video is an ode to good grammar. But what do our experts think he’s missed out?
Hotel Tour d’Auvergne in Paris launches pay-what-you-want
travelIt seems fraught with financial risk, but the policy has its benefits
Arts and Entertainment
booksThe best children's books for this summer
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating

By clicking 'Search' you
are agreeing to our
Terms of Use.

iJobs Job Widget
iJobs Money & Business

Insight Analyst – Permanent – Up to £40k – North London

£35000 - £40000 Per Annum plus 23 days holiday and pension scheme: Clearwater ...

Business Analyst - Banking - Scotland - £380-£480

£380 - £480 per day: Orgtel: Business Analyst - Banking - Edinburgh - £380 - ...

Risk Analyst - (Multi Asset class) £70k - £80k

£70000 - £80000 per annum: Harrington Starr: My client is a leading financial ...

Programme Director - Conduct Risk - London

£850 - £950 per day: Orgtel: Programme Director - Conduct Risk - Banking - £85...

Day In a Page

Noel Fielding's 'Luxury Comedy': A land of the outright bizarre

Noel Fielding's 'Luxury Comedy'

A land of the outright bizarre
What are the worst 'Word Crimes'?

What are the worst 'Word Crimes'?

‘Weird Al’ Yankovic's latest video is an ode to good grammar. But what do The Independent’s experts think he’s missed out?
Can Secret Cinema sell 80,000 'Back to the Future' tickets?

The worst kept secret in cinema

A cult movie event aims to immerse audiences of 80,000 in ‘Back to the Future’. But has it lost its magic?
Facebook: The new hatched, matched and dispatched

The new hatched, matched and dispatched

Family events used to be marked in the personal columns. But now Facebook has usurped the ‘Births, Deaths and Marriages’ announcements
Why do we have blood types?

Are you my type?

All of us have one but probably never wondered why. Yet even now, a century after blood types were discovered, it’s a matter of debate what they’re for
Honesty box hotels: You decide how much you pay

Honesty box hotels

Five hotels in Paris now allow guests to pay only what they think their stay was worth. It seems fraught with financial risk, but the honesty policy has its benefit
Commonwealth Games 2014: Why weight of pressure rests easy on Michael Jamieson’s shoulders

Michael Jamieson: Why weight of pressure rests easy on his shoulders

The Scottish swimmer is ready for ‘the biggest race of my life’ at the Commonwealth Games
Some are reformed drug addicts. Some are single mums. All are on benefits. But now these so-called 'scroungers’ are fighting back

The 'scroungers’ fight back

The welfare claimants battling to alter stereotypes
Amazing video shows Nasa 'flame extinguishment experiment' in action

Fireballs in space

Amazing video shows Nasa's 'flame extinguishment experiment' in action
A Bible for billionaires

A Bible for billionaires

Find out why America's richest men are reading John Brookes
Paranoid parenting is on the rise - and our children are suffering because of it

Paranoid parenting is on the rise

And our children are suffering because of it
For sale: Island where the Magna Carta was sealed

Magna Carta Island goes on sale

Yours for a cool £4m
Phone hacking scandal special report: The slide into crime at the 'News of the World'

The hacker's tale: the slide into crime at the 'News of the World'

Glenn Mulcaire was jailed for six months for intercepting phone messages. James Hanning tells his story in a new book. This is an extract
We flinch, but there are degrees of paedophilia

We flinch, but there are degrees of paedophilia

Child abusers are not all the same, yet the idea of treating them differently in relation to the severity of their crimes has somehow become controversial
The truth about conspiracy theories is that some require considering

The truth about conspiracy theories is that some require considering

For instance, did Isis kill the Israeli teenagers to trigger a war, asks Patrick Cockburn