Real-Time Service Alerts
Are Your Passwords in the Green?
Looking at Passwords in 2022 – Hive Systems
It’s been two years since (Hive Systems) we first shared our (now famous) password table. (shown above) So it was about time we not only updated it for 2022 but we wanted to walk you through our methodology. While the data fits nicely into the table above, things aren’t as as simple as it shows. So we’ll walk you through our data, our assumptions, and oh, you’re going to see a LOT of variations of the password table above!
“So how’d you make the table”?”
In 2020, we shared a colorful table that took the internet by storm. It showed the relative strength of a password against a brute force cracking attempt, based on the password’s length and complexity. The data was based on how long it would take a consumer-budget hacker to crack your password hash using a desktop computer with a top-tier graphics card. Two years later – quite a long period of time in processing power improvement terms – we’re long overdue for an update.
First, let’s get some key terms out of the way. We’re going to talk about hashing. – find out how they built the table above and learn about why password strength is important.
“What about the elephant in the room: what if my password has been previously stolen, uses simple words, or I reuse it between sites?”
Our password table focuses on the idea that the hacker is working in a “black box” situation and is having to start from scratch to hack your hash. Through the use of rainbow tables, dictionary attacks, and previously stolen hashes, your password table may (unsurprisingly) look like this:
Password table if your 
State Bar of California
Exploit: Hacking
State Bar of California: Legal Professional & Regulatory Body
Risk to Business: 2.177= Severe
The State Bar of California is investigating a data breach after learning that a third-party website had published confidential information about 260,000 attorney discipline cases in California and other jurisdictions. The exposed data included case numbers, file dates, information about the types of cases and their statuses, respondent and complaining witness names.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How It Could Affect Your Business: Sensitive data of this sort is a valuable commodity. This information could be used for blackmail, fraud, spear phishing, BEC and so much more nastiness.
IntegraMSP to the Rescue: Learn more about how high cyber resilience helps prevent trouble like this, why it is the ticket to a safer future for you and how to build it. GET THIS EBOOK>>
New York State Ethics Commission
https://www.insurancejournal.com/news/east/2022/02/28/655883.htm
Exploit: Hacking
New York State Ethics Commission: Regulatory Authority
Risk to Business: 2.807=Moderate
New York’s ethics commission has shut down its online filing system after a cyberattack. The attack impacted several functions including a web server for the agency’s lobbying application and financial disclosure filing systems as well as other functions. The systems were taken offline late last week and will remain offline for the foreseeable future.
How It Could Affect Your Business Losing the ability to process online applications, sales or requests could be a death knell for some businesses.
IntegraMSP to the Rescue: The Computer Security To-Do List will help you find vulnerabilities DOWNLOAD IT>>
Nvidia
Exploit: Ransomware
Nvidia: Graphics Processing Units (GPU) Manufacturer
Risk to Business: 1.616 = Severe
Legendary graphics chipmaker Nvidia has been hit with ransomware that took several of the company’s functions down for days, including internal email and developer tools. Ransomware group Lapsus$ is claiming responsibility. The group claims to have some 1TB of Nvidia threatening to leak it if Nvidia doesn’t pay an unspecified sum. In a highly unusual turn of events, a few days later, Lapsus$ took to the web to indignantly complain that Nvidia had hacked them in return, encrypting the data that Lapsus$ had snatched. The group says they have backups, and they’ll start publishing Nvidia’s data soon.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How It Could Affect Your Business: Cybercriminals are having a field day attacking supply chain targets in the hope of scoring a big payday fast from an organization with no time to lose.
IntegraMSP to the Rescue: Get an in-depth look at how ransomware is evolving and who profits from it in our hit eBook Ransomware Exposed. GET THIS EBOOK>>
Bridgestone Americas
Exploit: Hacking
Bridgestone Americas: Tire Manufacturer
Risk to Business: 1.414 = Extreme
Bridgestone is shutting down production at its factories around the US as the company deals with an unspecified cybersecurity incident. The company released a statement saying that it was immediately disconnecting and pausing production at factories in the US and Latin America, with no projected timeline for reopening provided to employees.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Business Supply chain disruption has been the name of the game for cybercriminals and tires are an important part of most supply chains.
IntegraMSP to the Rescue: Cybersecurity horrors lurk around every corner, lying in wait for unwary organizations. Learn how to defeat them in our eBook Monsters of Cybersecurity. DOWNLOAD IT NOW>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.