That Russian hackers may be hording 1.2 billion passwords merely reflects the insecurity of the world we live in today, says David Perry, threat strategist at the Finnish IT security company F-Secure (see 5 Facts About CyberVor Report) .
"This is a typical malware story," says Perry, interviewed about the CyberVor news at the Black Hat USA event in Las Vegas. Billions of nodes have been compromised on the Internet, and breaches of tens of millions of passwords occur nearly every week, Perry says.
"If you were to go to the cyber-underground there is literally a bazaar of stolen data out there," Perry says.
"Now, the problem is that they may have grabbed a billion passwords, but if they grabbed them, what do they want to use them for?" he asks. "So, what they're doing right now is assessing their intelligence on what passwords they have and deciding what should be done with them."
In the interview, Perry:
- Discusses possible steps the hackers might take to profit from the pilfered passwords;
- Addresses how Russian hackers may have relied on malware written by others to commit their crime;
- Puts a positive spin on the CyberVor news. "We know this is happening," he says. "That tells us that our countermeasures to some extent are working in the world."
Perry is the former director of education at Trend Micro and for decades has hosted a show about computers on a New York City radio station.