The Lasting Impact of the Ashley Madison Breach

With such diversity of individuals whose information was compromised through the Ashley Madison hack, you have to wonder what the lasting impact of this breach will be. What are the implications associated with the companies these individuals work for? Will these individuals give in to blackmail to betray their employer, save their marriage or relationship? What can this data, plus the information from breaches like OPM, be used for to compromise our national security or trade secrets? These are all questions employers should be asking themselves.

People will always be a risk to any company’s security strategy. When I was a penetration tester, I always relied on other people to gain access into an environment. I would commonly drop USB drives in parking lots, relying on someone to pick it up and plug it into their workstation just to see, out of curiosity, what was on the drive. 9 out of 10 times this would always grant me access into the customer’s environment.

With this latest breach, we have an opportunity to use a similar tactic to show evidence of a individual’s infidelity to motivate them to give me the information that I want. Once I have this information, I can sell it on the underground to either a competitor or an overseas start-up for considerably more than I could ever get by simply blackmailing an individual. 

This is a sample of data to show the extent to which individuals used corporate accounts for their Ashley Madison account profiles. I tried to randomly hit domains from different countries and different industries.

  •  502839 .uk
  • 134 gov.uk
  • 7245 Army.mil
  • 7015 .gov
  • 13 starbucks.com
  • 46 Whitehouse.gov
  • 150 Shell.com
  • 190 Wellsfargo.com
  • 87 Stanford.edu
  • 16 chs.net
  • 89 aig.com

Should employers start locking down their internet and mail services to work functions only? Should HR and Corporate Security policies be enforced with more severe consequences? These are all challenges that corporate security teams have been dealing with for years. Should we now start empowering security teams to do their jobs efficiently? In order to do that, companies need to invest in the people, process and technologies to build a comprehensive and effective security strategy. This also means investing in a threat research and intelligence function that will mine for lost and stolen data to understand and combat the risk that our employees introduce into our environments. 

About the Author

Stephen Coty - Chief Security Evangelist at Alert Logic

Stephen Coty

Stephen Coty originally joined Alert Logic as the head of the Threat Research team, where he led the effort to build threat content and deliver threat intelligence. He later became the Chief Security Evangelist for the company. Prior to joining Alert Logic, Coty was the Manager of Cyber Security for Rackspace Hosting, and has held IT positions at multiple companies, including Wells Fargo Bank, Applied Materials, Stanford Medical Center and The Netigy Corporation. He has been in the Information Technology field since 1993. Research has been his primary focus since 2007.

@StephenCoty | More Posts by Stephen Coty