Businesses need to wake up and smell the hackers

eBay is just one target of cybercriminals who cost the global economy $300bn a year

Know you should change your password but can't be bothered? Your inertia may be stirred. The hacking of between 120 million and 145 million eBay accounts, revealed this week, is the latest in a series of huge data leaks to have hit corporate giants.

The leaking of 40 million of its customers' credit card details cost the chief executive of the US retailer Target, Gregg Steinhafel, his job earlier this month and has dented company performance. The US department store group Neiman Marcus, British grocer Morrisons and the social network LinkedIn have also been hit by large-scale data breaches as their goldmines of customer details have been drained, causing corporate humiliation. From "spear phishing" to "sprite" hacks, the types of data breaches are becoming more frequent and more varied.

The perpetrators of the attack on eBay are yet to be discovered but the auction site said criminals elicited customers' names, encrypted passwords, email addresses, physical addresses, phone numbers and dates of birth. It may not seem greatly sensitive but could equate to a mortgage being taken out in your name or your identity being used to commit crime.

Although no financial information was involved, fears are rising that the data could be used in conjunction with information from other hacks – traded on the black market – to build a detailed profile of a victim. Customers have been told to change their password urgently as the hack actually occurred three months ago.

In the meantime, the impact of the Heartbleed bug – thought to have hit 17 per cent of the internet's secure servers – has come to light. Although it is unlikely to be connected to the eBay attack, it heightens the sense that online security is looking shaky.

Reports suggest that eBay users rushing to change their password have swamped the site. "Even if every hacked user changed their password, that would still take six days and many have been unable to change them," says Ian Shaw, managing director of the consultant MWR InfoSecurity.

The cost of hacking to businesses worldwide is escalating. A report on cyber crime and espionage by the Center for Strategic and International Studies in Washington last year estimated that it costs the global economy $300bn (£180bn) a year. An industry is growing around hacking. Research by the accountancy firm PwC shows cyber insurance is the fastest-growing speciality cover ever – worth around $1.3bn a year in the US and anywhere between £50m and £130m in the EU.

The seismic ripples of hacks will have struck fear into the hearts of those in charge of protecting priceless data in large financial institutions. The Financial Policy Committee, the regulator, has recommended that additional studies are made of cyber crime.

In November, the Bank of England told banks to strengthen their defences against online saboteurs and invited 100 bankers, regulators and government officials to take part in a "war game" simulation dubbed "Waking Shark 11' in the City.

Hackers are also raising their profile. Large-scale organisations including Anonymous and the Syrian Electronic Army have become global names and, in the latter's case, fed off the recession in hitting out at large corporate organisations online. However, big companies are also often being outsmarted by small, organised gangs, causing further embarrassment.

On the surface, companies appear remarkably vulnerable to attacks. EBay said its systems were infiltrated via the accounts of a "small number of employee log-in credentials", from which hackers could gain access to an entire database.

"It's like saying 'I'm a little bit pregnant'," said Andrew France, chief executive of the cyber defence company Darktrace. "If the accounts hacked are the chief technology officer or chief executive then the information could be vital."

Businesses are even more vulnerable when suffering deliberate data leaks. In March, the details of thousands of Morrisons' customers were leaked online and to a local newspaper by a disenchanted employee who had legitimate access to the data. "That was a malicious case but often employees are just ignorant about how systems work," says Mr France. "Security needs to spot unusual behaviour, deliberate or otherwise."

The huge eBay security breach also raises a question over public communications as the attack dated back to February. David Emm, a senior researcher at the internet security firm Kaspersky Lab, said: "While it might seem as though eBay has been slow to respond, if the company has only just discovered the full extent of the attack it is now doing the right thing by notifying customers in a timely manner."

Cyber crime seems as if it is inexorably on the up, as does the cost of preventing it. However, if large companies and consumer alike are to prevent it, decisive and frequent action will need to be taken quickly before bank accounts are drained. The latest swathe of hacks may just spark a few more sceptics into action.

Need to know: What to do to stop the hackers

"Change your password, change your password, change your password," says Andrew France at Darktrace. "I know it's a pain but change it every month, use upper and lower case letters and different numbers. It's the only absolute way to avoid hacking."

Brian Krebs, who writes the blog Krebs on Security, which exposed the Target data breach, also advises changing all passwords, but adds: "Be extra wary of phishing emails that spoof eBay and PayPal and ask you to click on some link or download some security tool; attackers are likely to capitalise on this incident to spread malware and to hijack accounts."

News
The surrealist comedian at the Q Awards in 2010
people
News
Russell Brand arriving for the book launch in East London
peopleRussell Brand cancels his book launch debate due to concerns about the make-up of the panel
Sport
Christiano Ronaldo enjoys his opening goal
champions leagueLiverpool 0 Real Madrid 3: Ronaldo and Benzema run Reds ragged to avenge thrashing from their last visit to Anfield
Arts and Entertainment
Awesome foursome: Sam Smith shows off his awards
music22-year-old confirms he is 2014’s breakout British music success
PROMOTED VIDEO
Life and Style
Six of the 76 Goats' cheese samples contained a significant amount of sheep's cheese
food + drink
Arts and Entertainment
Contestants during this summer's Celebrity Big Brother grand finale
tvBroadcaster attempts to change its image following sale to American media group
Extras
indybest
Arts and Entertainment
Sir Nicholas Serota has been a feature in the Power 100 top ten since its 2002 launch
art
Arts and Entertainment
Sarah Dales attempts to sell British Breeze in the luxury scent task
tvReview: 'Apprentice' candidate on the verge of tears as they were ejected from the boardroom
News
Call me Superman: one of many unusual names chosen by Chinese students
newsChinese state TV offers advice for citizens picking a Western moniker
News
ebooksAn unforgettable anthology of contemporary reportage
News
Wilko Johnson is currently on his farewell tour
people
Voices
New look: Zellweger at Elle's Women in Hollywood awards on Monday
voicesRenée Zellweger's real crime has been to age in an industry that prizes women's youth over humanity, says Amanda Hess
News
Let’s pretend: KidZania in Tokyo
educationKidZania lets children try their hands at being a firefighter, doctor or factory worker for the day
Life and Style
CHARGE BOOSTER: Aeroplane mode doesn't sound very exciting, but it can be a (phone) hacker's friend. Turning on the option while charging your mobile will increase the speed at which your phone battery charges
techNew book reveals how to rid your inbox of spam, protect your passwords and amplify your iPhone
Arts and Entertainment
Julianne Moore and Ellen Page are starring together in civil rights drama Freeheld
film
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

iJobs Job Widget
iJobs Money & Business

IT Systems Business Analyst - Watford - £28k + bonus + benefits

£24000 - £28000 per annum + bonus & benefits: Ashdown Group: IT Business Syste...

Trainee Recruitment Consultant - Birmingham - Real Staffing

£18000 - £23000 per annum + Commission: SThree: The SThree group is a world le...

Trainee Recruitment Consultant Birmingham

£18000 - £23000 per annum + Comission: SThree: The SThree group is a world lea...

Trainee Recruitment Consultants

£20000 - £25000 per annum + OTE £Competitive: SThree: SThree Group and have be...

Day In a Page

How could three tourists have been battered within an inch of their lives by a burglar in a plush London hotel?

A crime that reveals London's dark heart

How could three tourists have been battered within an inch of their lives by a burglar in a plush London hotel?
Meet 'Porridge' and 'Vampire': Chinese state TV is offering advice for citizens picking a Western moniker

Lost in translation: Western monikers

Chinese state TV is offering advice for citizens picking a Western moniker. Simon Usborne, who met a 'Porridge' and a 'Vampire' while in China, can see the problem
Handy hacks that make life easier: New book reveals how to rid your inbox of spam, protect your passwords and amplify your iPhone

Handy hacks that make life easier

New book reveals how to rid your email inbox of spam, protect your passwords and amplify your iPhone with a loo-roll
KidZania lets children try their hands at being a firefighter, doctor or factory worker for the day

KidZania: It's a small world

The new 'educational entertainment experience' in London's Shepherd's Bush will allow children to try out the jobs that are usually undertaken by adults, including firefighter, doctor or factory worker
Renée Zellweger's real crime has been to age in an industry that prizes women's youth over humanity

'Renée Zellweger's real crime was to age'

The actress's altered appearance raised eyebrows at Elle's Women in Hollywood awards on Monday
From Cinderella to The Jungle Book, Disney plans live-action remakes of animated classics

Disney plans live-action remakes of animated classics

From Cinderella to The Jungle Book, Patrick Grafton-Green wonders if they can ever recapture the old magic
Thousands of teenagers to visit battlefields of the First World War in new Government scheme

Pupils to visit First World War battlefields

A new Government scheme aims to bring the the horrors of the conflict to life over the next five years
The 10 best smartphone accessories

Make the most of your mobile: 10 best smartphone accessories

Try these add-ons for everything from secret charging to making sure you never lose your keys again
Mario Balotelli substituted at half-time against Real Madrid: Was this shirt swapping the real reason?

Liverpool v Real Madrid

Mario Balotelli substituted at half-time. Was shirt swapping the real reason?
West Indies tour of India: Hurricane set to sweep Windies into the shadows

Hurricane set to sweep Windies into the shadows

Decision to pull out of India tour leaves the WICB fighting for its existence with an off-field storm building
Indiana serial killer? Man arrested for murdering teenage prostitute confesses to six other murders - and police fear there could be many more

A new American serial killer?

Police fear man arrested for murder of teen prostitute could be responsible for killing spree dating back 20 years
Sweetie, the fake 10-year-old girl designed to catch online predators, claims her first scalp

Sting to trap paedophiles may not carry weight in UK courts

Computer image of ‘Sweetie’ represented entrapment, experts say
Fukushima nuclear crisis: Evacuees still stuck in cramped emergency housing three years on - and may never return home

Return to Fukushima – a land they will never call home again

Evacuees still stuck in cramped emergency housing three years on from nuclear disaster
Wildlife Photographer of the Year: Intimate image of resting lions claims top prize

Wildlife Photographer of the Year

Intimate image of resting lions claims top prize
Online petitions: Sign here to change the world

Want to change the world? Just sign here

The proliferation of online petitions allows us to register our protests at the touch of a button. But do they change anything?