It’s common folklore that the greatest cyber-attacks in history are pulled off by genius hackers using clever hacking techniques to exploit a zero-day vulnerability on some obscure back-room database server. The reality is very different.
According to a recent study by security firm Centrify, “74 percent of respondents whose organizations have been breached acknowledge it involved access to a privileged account.” In other words, they got phished. How else do you think the hackers got the usernames and passwords?
Rather than spending hundreds of hours and millions of CPU cycles trying to hack into a computer network, hackers simply craft a quick phishing email and get some employee’s login credentials. Most likely an employee with access to a privileged account.
According to an article on the Security Week website, “This number closely aligns with Forrester’s estimate that 80 percent of security breaches involve compromised privileged credentials. When a privileged account gets compromised, it allows the cyber-attacker to impersonate a legit employee or system and carry out malicious activity without being detected as an intruder. Once hackers compromise a privileged account, they can typically roam at will across an IT environment to exfiltrate data and cause damage.”
People and organizations are making it too darn easy on hackers.
Of course, there are many technologies that can be used to try to stop compromised credentials. These include multi-factor authentication (MFA), establishing access zones, enforcing least privilege, behavior-based machine learning and risk scoring. Some of these technologies are more effective than others.
Perhaps the simplest way to prevent employees’ credentials from being compromised is to eliminate the possibility of employees getting phished. It’s not as sexy as some of those other technologies, but anti-phishing technology has been around for a while. It’s fast to deploy and doesn’t cost much. And more importantly, it works.
Whenever I read about some hack somewhere, I inevitably also read about the victims scrambling to find some super new technology to address the most recent hack. But, sometimes the solution already exists and is right in front of you.
If you want to put a stop to compromised credentials at your company, and you want to do it fast, then you are in the right place. Duocircle, with Advanced Threat Defense, is a cloud-based email security service that protects employees from malicious emails 24/7 on any device. You’ll be up and protected in ten minutes.