Introduction
The idea behind an attack surface monitoring and management tool like ProcessBolt ThreatScape is that publicly available information can provide indicators of how an organization’s information security program is doing, and therefore how susceptible the organization might be to cybersecurity threats.
Using the data we have on hundreds of thousands of organizations, we did some analysis to predict 50 organizations we think are likely candidates to be breached in 2023.
Attached is a list of partially redacted bcrypt hashes of organization names that we think are good candidates to be breached in the near future. We certainly don’t want to create any targets, so we are publishing only partially redacted hashes. If any of these organizations announce a breach, we will then disclose their position on the list.
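What a third party can later check against one of these published entries, as an added example that is not from ProcessBolt: the string's public parts (identifier, cost, salt and the visible digest characters) are parsed, a later full disclosure is checked to extend the published prefix exactly, and the disclosed organization name is rehashed with the string's own salt and cost through the `bcrypt` PyPI package (assumed; the structural checks run without it).

```python
import re
from dataclasses import dataclass

try:
    import bcrypt  # PyPI package "bcrypt" (assumed); needed only for the final name check
except ImportError:  # the structural checks below work without it
    bcrypt = None

# bcrypt's modular-crypt layout: $<ident>$<cost>$<22-char salt><31-char digest>, 60 chars total.
SALT_LEN, DIGEST_LEN = 22, 31
# The capture stops at the first character outside the bcrypt alphabet, e.g. the "…" used for
# redaction in the post. "." is a legitimate digest character, so ASCII dots cannot mark redaction.
_PREFIX_RE = re.compile(r"^\$(2[abxy])\$(\d{2})\$([./A-Za-z0-9]*)")


@dataclass
class ParsedHash:
    ident: str
    cost: int
    salt: str
    digest: str          # the digest characters that were actually published
    redacted_chars: int  # trailing digest characters that were withheld


def parse_published(entry: str) -> ParsedHash:
    """Parse a full or tail-redacted bcrypt string such as the entries in the post."""
    m = _PREFIX_RE.match(entry.strip())
    if not m:
        raise ValueError("not a bcrypt string")
    ident, cost, body = m.group(1), int(m.group(2)), m.group(3)
    if len(body) < SALT_LEN:
        raise ValueError("salt incomplete: a later reveal could not be checked against it")
    salt, digest = body[:SALT_LEN], body[SALT_LEN:]
    if len(digest) > DIGEST_LEN:
        raise ValueError("digest longer than bcrypt produces")
    return ParsedHash(ident, cost, salt, digest, DIGEST_LEN - len(digest))


def reveal_is_consistent(published: str, revealed_full: str) -> bool:
    """A later disclosure must be the complete string and extend the published prefix exactly."""
    pub, full = parse_published(published), parse_published(revealed_full)
    if full.redacted_chars != 0:
        return False
    same_header = (pub.ident, pub.cost, pub.salt) == (full.ident, full.cost, full.salt)
    return same_header and full.digest.startswith(pub.digest)


def name_matches(revealed_full: str, claimed_name: str):
    """Rehash the claimed name with the string's own salt/cost; None if bcrypt is not installed."""
    if bcrypt is None:
        return None
    return bcrypt.checkpw(claimed_name.encode("utf-8"), revealed_full.encode("ascii"))
```

A disclosure is only convincing when both checks pass: the full string must match what was published, and the name must rehash to it under the published salt and cost.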
Methodology
Over the years we have noticed common indicators of weakness in organizations that have announced breaches. In other words, there seemed to be some common characteristics that became a recognizable pattern over time. We even gave this type of organization a label internally. We call it a “Dumpster Fire”.
We set out to use some machine learning to help us identify future breach candidates, but it turned out that all of our training on the data sets only reinforced what our intuition already told us. It turns out that it is not that difficult to spot a Dumpster Fire.
Once again, we don’t want to create any targets, so we are not going to disclose at this time exactly which indicators we use to identify a possible Dumpster Fire. Suffice it to say that there is no sophisticated statistical model involved (hence machine learning proving useless), just a combination of indicators of poor cybersecurity practices that anyone can observe externally.
There are exceptions to most of the following, but in general, the organizations on the list:
- Are mid-sized organizations. Very small organizations without a meaningful internet footprint are difficult, if not impossible, to gather statistically significant information about. At the other end, extremely large organizations often have many sub-organizations within them and are dealing with cybersecurity incidents daily, so they are not very interesting.
- Are likely to have some data that somebody would want to steal.
- Would be required to disclose a breach if data were exfiltrated.
- Are not current ProcessBolt customers.
The list of organizations from the initial ThreatScape query for possible Dumpster Fires was much larger. From there, we started crossing off organizations that were too small, too big, wouldn’t be an interesting target, or had already been breached. We ended up with a list of 50, just to make it a nice, even number.
Expected Outcome
Given the odds that we are correct, that any of these organizations actually gets breached, and that we would actually hear about it (i.e. the breach would be disclosed), we don’t have high expectations about success rates.
Since this is our first attempt at predicting who gets breached this year, we think getting at least one right would be pretty good.
If we do discover that we actually predicted one correctly, then of course we will do another blog post full of “I told you so” and break our own arms from patting ourselves on the back.
Of course, of the organizations on the list that don’t get breached this year, most of them will probably be on the list again next year.
The List:
Conclusion
It may be cliché, but we would be happy to be wrong about the organizations on the list. But then again, it is 2023, cybersecurity is not new, and yet somehow there are still plenty of Dumpster Fires out there waiting to happen.
Please feel free to contact us if you would like to know if your organization is on this list, and we can even provide you with a complimentary ThreatScape report for your organization. We can also show you how to use ThreatScape, along with the entire ProcessBolt platform, to make sure information security is built into your supply chain.
Stay tuned.