In recent years, many enterprises in the world have suffered from leaks of sensitive customer or employee information due to APT attacks, malware attacks, insider leaks, or mis-configured settings. Data breaches have a considerable impact, not only harming corporate reputations and causing business to be lost, but also causing serious risk for customers. If leaked data flows into the hands of bad actors, we can easily imagine the harmful consequences. These risks equally affect Taiwan’s 8 critical infrastructures. If sensitive information about employees or external services leaks, hackers can easily apply it to social engineering or advanced continuous penetration attacks. However, a critical infrastructure security incident can cause more than financial loss – it can also create a threat to the safety of physical equipment or to people’s lives and property.
This research will collect publicly leaked data and share some of the traps and fun that we found during the analysis. We will also share how we have conducted big data analysis on more than 10 billion pieces of data from 200 plus datasets, with a particular focus on the analysis of data leakage and password habits of 8 critical infrastructure service providers. Finally, based on the in-depth analysis of our data, we will try to provide prediction warnings to high-risk CI sectors and vendors that may be invaded due to information leakage, and finally advise how to perform prevention and mitigation measures.
Mars Cheng is a threat researcher for TXOne Networks, blending a background and experience in both ICS/SCADA and Enterprise cybersecurity systems. Mars has directly contributed to more than 10 CVE-IDs, and has had work published in three Science Citation Index (SCI) applied cryptography journals. Before joining TXOne, Mars was a security engineer at the Taiwan National Center for Cyber Security Technology (NCCST). Mars is a frequent speaker and trainer at several international cyber security conferences such as Black Hat, HITB, HITCON, SecTor, ICS Cyber Security Conference USA and Asia, CLOUDSEC, and InfoSec Taiwan as well as other conferences and seminars related to the topics of ICS and IoT security. Mars is general coordinator of HITCON 2021 and was vice general coordinator of HITCON 2020.
YenTing Lee is a Cyber Threat Researcher at the TXOne Networks IoT/ICS Security Research Labs. Before joining TXOne, YenTing was a Section Head at the Taiwan National Center for Cyber Security Technology (NCCST). He has experience in both ICS/SCADA and Cyber Offensive and Defensive Exercise. YenTing was a speaker at several internal cyber security training classes and conferences such as InfoSec Taiwan 2020.