Security News > 2024 > February > Orgs are having a major identity crisis while crims reap the rewards
Identity-related threats pose an increasing risk to those protecting networks because attackers - ranging from financially motivated crime gangs and nation-state backed crews - increasingly prefer to log in using stolen credentials instead of exploiting vulnerabilities or social engineering.
In two separate reports published on Wednesday, IBM X-Force and security biz CrowdStrike found a huge surge in cyber attacks using valid credentials and other techniques spoofing legitimate users.
IBM's threat hunters found a 71 percent year-over-year increase in the volume of attacks using valid credentials in 2023.
The criminals have proven very adept at pulling off extortion attacks using SMS and voice phishing to harvest credentials, as well as making phone calls to help desks and convincing the tech support workers to provide password and MFA resets for their companies' admin accounts.
Nation-state linked attackers also conducted their share of identity-based attacks last year.
According to CrowdStrike, they typically obtain these legitimate identities via accidental credential leakage, brute-force attacks, phishing/social engineering, credential stealers, access brokers, insecure self-service password-reset services and insider threats.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/02/21/identity_related_cyber_threats/