What is the value of your username, password and online identity? About 3/100ths of a cent, according to a new report from Ixia. Black market value of your online identity In its “Security Report 2017,” the Calabasas computer network company recounted 2016’s biggest online security breaches, starting with a BlackEnergy malware attack on Ukraine’s power grid in January, followed by a rash of ransomware demands in March, a Bangladesh scam that cost banks $80 million, the billion-account hack of Yahoo Inc. and the security breaches during the U.S. elections, which are still under official investigation. The Justice Department has accused two Russian intelligence agents and two cybercriminals with orchestrating the Yahoo hack. The value of an online identity was calculated using the reported price the hackers received for the stolen information. “If the $300,000 asking price for the 1 billion Yahoo email records said to be compromised is true, your identity on the Internet is worth 3/100ths of a cent,” the report states. Hackers still guess their way into enterprise systems, even though companies have spent years teaching employees to use complex passwords, the report explains. “The old, tried brute-force hacking methods still work,” the report states. “The main theme seen was the prevalence of low-hanging fruit for attackers to exploit. … It is shocking how many network accounts and devices contain default usernames and passwords.” Using 2016 data from Ixia’s clients, the report found the two most popular username guesses by hackers were “root” and “admin.” The most popular passwords included “null” (no password), “admin,” “123456” and “password.” “Trust but verify,” the report concludes. “Make sure your network configurations are working the way you think. The best way is to run periodic tests. … Doing this dramatically reduces your attack vulnerability.” – Joel Russell