Watch CBS News

Report exposes common cracks in cybersecurity

A report by cybersecurity firm Trustwave details how hackers are profiting from vulnerabilities in passwords and devices
Report exposes major cybersecurity flaws 02:08

CHICAGO -- At the Chicago headquarters of the cybersecurity firm Trustwave, Charles Henderson leads a team of "ethical hackers" whose job it is to expose weaknesses for clients all over the world.

"We attack systems just as these criminals do attempting to find flaws, vulnerabilities," Henderson explained.

According to Trustwave's report detailing hundreds of breaches last year: 95 percent of all mobile apps were vulnerable to attack; 49 percent of all attacks involved theft of identification information and cardholder data; weak passwords led to 28 percent of all cyber breaches; and "password 1" was the most common password.

CBS News

"It's not ninjas dropping through ceilings," Henderson said. "It's really simple stuff. It's things like passwords that lead to a compromise."

To show how easy it is, Trustwave analyst Garret Picchioni had me enter a seven character password. Using commercial software -- capable of making 81 billion guesses per second -- it only took 37 seconds to crack.

Trustwave analyst Garret Picchioni, right, with CBS News correspondent Anthony Mason, left. CBS News

Picchioni says seven or eight character passwords are not safe enough.

"Computer hardware has reached a point where we're able to attack them so quickly that a password that small isn't practical anymore," Picchioni said. "Especially for incredibly sensitive things like financials, online banking."

Trustwave now recommends security phrases. The longer a password is, they say, the harder it is to hack.

View CBS News In
CBS News App Open
Chrome Safari Continue
Be the first to know
Get browser notifications for breaking news, live events, and exclusive reporting.