Credential theft is clearly still a problem. Even after years of
warnings, changing password requirements, and multiple forms of
authentication, password[1]
stealing remains a top attack method used by cybercriminals.
The latest report[2]
from the Ponemon Institute states that 54% of security incidents
were caused by credential theft, followed by ransomware and DDoS
attacks. 59% of organizations aren’t revoking credentials that are
no longer needed, meaning passwords can go unattended and dormant
like a sitting duck (similar to what happened with Colonial
Pipeline). And Verizon’s Data Breach Investigations
Report[3] cites that nearly 50% of
all data breaches were caused by stolen credentials.
The stats don’t lie. Cybercriminals are advancing, there’s no
doubt, but if there’s an option to take the path of least
resistance, they’ll take it. Too often, that means compromising
passwords and exploiting vulnerable access points.
Credential Theft and Critical Access
The Verizon report also states that stolen credentials are most
often used to target some form of a web application. Web
applications are one of the top attack vectors, according to the
report, which is a problem considering organizations across
industries are finding digital solutions and using internet-enabled
technology to streamline operations. Take the manufacturing[4]
industry, for example: if a PLC malfunctioned, a contractor or
vendor used to physically fix the issue at the manufacturing
facility. Now, the repairs can be done remotely since PLCs can be
connected to the internet, and third-party technicians can use
remote access[5]
to connect to and fix the PLC.
The healthcare[6]
sector faces the same situation. Healthcare facilities use
internet-enabled devices to quickly share data, access patient
records, and grant access to remote vendors to connect to
machines.
We’re in an evolving, digital era where companies can become
more efficient, productive, and profitable by automating tasks and
introducing new technology to their workflow. But, since a lot of
that involves connecting devices to the internet and granting
remote access to third-party vendors as we’ve just seen, it also
means introducing risk at each access point.
If you can use the internet to access an asset (whether that’s a
network, server, or data), so can a bad actor. And if you can use
credentials to unlock it, guess what – so can a bad actor. Add
third-party remote access[7] into the mix and you
have a nasty combination of vulnerabilities.
Organizations need to play catch-up when it comes to the
security of their credentials, IoT, and third-party vendor
connections. If they don’t, they’ll be playing a different kind of
catch-up: remediating all the damage a bad actor has already
done.
Protect Credentials With Password Vaults
It might seem like the problem is unavoidable. We’re creating a
potential gateway for a bad actor to exploit every time we create a
password that leads to a critical resource, whether that password
is meant for an internal or external user.
For those who have gone too long thinking, “I don’t need to
worry about password management,” it’s time to worry. Or it’s at
least time to do something about it. Credentials are the keys to
the kingdom, whether that means they can get you down the road[8]
to the entire kingdom via third-party remote access or they take
you directly to the kingdom of mission-critical assets and
resources. Either way, protecting credentials by using password vaults[9]
is arguably the best way to manage passwords and ensure they stay
out of the wrong hands.
References
[1] password (www.securelink.com)
[2] report (www.securelink.com)
[3] Verizon’s Data Breach Investigations Report (www.verizon.com)
[4] manufacturing (www.securelink.com)
[5] remote access (www.securelink.com)
[6] healthcare (www.securelink.com)
[7] third-party remote access (www.securelink.com)
[8] road (www.securelink.com)
[9] password vaults (www.securelink.com)
Read more https://thehackernews.com/2022/08/credential-theft-is-still-top-attack.html