The top identity-based attacks and how to stop them: Part 1
Part one of this two-part article series examines password spray, credential stuffing, and man-in-the-middle attacks and techniques and tools for mitigation
The proliferation of Software as a Service (SaaS), the sudden explosion in a hybrid workforce, and the digital transformation revolution businesses have gone through all were aided by identity solutions that offer agility and modern capabilities. But as the reliance on identity has grown, so too have the attacks and threats. Identity-based attacks have not only been highly prevalent in breaches, but are getting more sophisticated, forcing security teams to constantly be on the defensive and shore up the front door to their organization’s data.
According to the 2022 Verizon Data Breach Investigations Report (DBIR), over 40% of all breaches involved stolen credentials and 80% of all web application breaches involved credential abuse. The presence of phishing attacks in breaches also rose from 25% in 2020 to 35% in 2021. Moreover, the attack surface continues to expand and aside from the traditional enterprise and the digital consumer, third-party supplier risk has taken center stage. Even ransomware attacks have increased to now comprise 25% of all breaches. While ransomware is not thought of in an identity-centric lens, identity is often compromised in order for ransomware to be installed.