Security News > 2022 > January > Reducing the blast radius of credential theft

Reducing the blast radius of credential theft
2022-01-31 06:30

Cybersecurity has come to be defined by identity, with almost every attack today revolving around gaining control of a user's identity as a means of accessing critical data and systems.

More recently, the ransomware and data theft attack on Planned Parenthood also seems to have started with a compromised account.

Aside from unsophisticated "Smash and grab" style data thefts and ransomware attacks, the initial credential theft is only the beginning.

It's almost impossible to stop attackers from acquiring stolen credentials, but this is meaningless if identity misuse can be detected and stopped before the attacker can strike.

If organizations can recognize when certain identities access the network illegitimately, they can respond and stop the attack in its tracks.

The sooner in the attack cycle this occurs, the smaller the blast radius will be.


News URL

https://www.helpnetsecurity.com/2022/01/31/identity-attacks/