Credential Theft Is (Still) A Top Attack Method

    Credential theft is clearly still a problem. Even after years of warnings, changing password requirements, and multiple forms of authentication, password stealing remains a top attack method used by cybercriminals.

    The latest report from the Ponemon Institute states that 54% of security incidents were caused by credential theft, followed by ransomware and DDoS attacks. 59% of organizations aren’t revoking credentials that are no longer needed, meaning passwords can sit unattended and dormant like sitting ducks (similar to what happened with Colonial Pipeline). And Verizon’s Data Breach Investigations Report states that nearly 50% of all data breaches were caused by stolen credentials.

    The stats don’t lie. Cybercriminals are advancing, there’s no doubt, but if there’s an option to take the path of least resistance, they’ll take it. Too often, that means compromising passwords and exploiting vulnerable access points.

    Credential Theft and Critical Access

    The Verizon report also states that stolen credentials are most often used to target some form of a web application. Web applications are one of the top attack vectors, according to the report, which is a problem considering organizations across industries are finding digital solutions and using internet-enabled technology to streamline operations. Take the manufacturing industry, for example: if a PLC malfunctioned, a contractor or vendor used to physically fix the issue at the manufacturing facility. Now, the repairs can be done remotely since PLCs can be connected to the internet, and third-party technicians can use remote access to connect to and fix the PLC.

    The healthcare sector faces the same situation. Healthcare facilities use internet-enabled devices to quickly share data, access patient records, and grant access to remote vendors to connect to machines.

    We’re in an evolving, digital era where companies can become more efficient, productive, and profitable by automating tasks and introducing new technology to their workflow. But, since a lot of that involves connecting devices to the internet and granting remote access to third-party vendors as we’ve just seen, it also means introducing risk at each access point.

    If you can use the internet to access an asset (whether that’s a network, server, or data), so can a bad actor. And if you can use credentials to unlock it, guess what – so can a bad actor. Add third-party remote access into the mix and you have a nasty combination of vulnerabilities.

    Organizations need to play catch-up when it comes to the security of their credentials, IoT, and third-party vendor connections. If they don’t, they’ll be playing a different kind of catch-up: remediating all the damage a bad actor has already done.

    Protect Credentials With Password Vaults

    It might seem like the problem is unavoidable. We’re creating a potential gateway for a bad actor to exploit every time we create a password that leads to a critical resource, whether that password is meant for an internal or external user.

    For those who have gone too long thinking, “I don’t need to worry about password management,” it’s time to worry. Or it’s at least time to do something about it. Credentials are the keys to the kingdom, whether they get you down the road to the entire kingdom via third-party remote access or take you directly to the kingdom of mission-critical assets and resources. Either way, protecting credentials by using password vaults is arguably the best way to manage passwords and ensure they stay out of the wrong hands.
