Detect If Website Is Hacked: Computer Scientists Develop Tools

University of California scientists developed a tool that uses same passwords for email accounts and websites accounts and detects breach if hackers log in to email service using those addresses and passwords.

Detect If Website Is Hacked Computer Scientists Develop Tools
Detection Of Hacking Of Website Possible, Scientists Develop New Tools

Scientists from University of California, San Diego successfully developed a tool to detect the time at which websites are hacked. The technique includes monitoring the activity of email accounts linked with them.

Scientists were astonished to find out that approximately 1 percent of websites they tested underwent data breach during the 18-month period of research. They stated it didn’t matter how wide the reach and audience were.

“No one is above this — companies or nation states — it’s going to happen; it’s just a question of when,” said Alex C. Snoeren, the paper’s senior author and a professor of computer science at the Jacobs School of Engineering at the University of California, San Diego.

Joe DeBlasio, one of Snoeren’s Ph.D. students and the co-author of the study, said that there are over one billion websites on the internet and tens of millions of websites could be hacked every year.

The probability of popular websites undergoing breach was as likely as unpopular websites. This implies that out of top 1,000 popular websites, 10 are likely to be breached every year.

The team of scientists developed a tool with a concept, Tripwire. It is a bot which creates accounts on many websites. Each account is linked to unique email address.

The tool used the same password for website account and email account. Then scientists assessed if hackers are using the password to log in to email account. This would indicate that the website has been hacked.

To ensure breach occurred due to website hack and not through email provider, scientists set up a control group. They created nearly 100,000 email accounts with the same provider used in the study. But those addresses were not used to enroll on website. These accounts were not accessed by hackers.

Scientists did not plan to pursue more research on Tripwire.


Please enter your comment!
Please enter your name here