Stolen Passwords Result in 63% of Data Breaches

By:  |  Category: Blog, Security Thursday, June 7th, 2018  |  No Comments
Data Breach

One of biggest question we hear from a business who suffered a cyber attack is “How did the hackers get in my system?”

In the 2016 Data Breach Investigations Report, Verizon Enterprise answered this question. They suggest that the biggest blind spot for many organizations is how stolen credentials are the primary means by which hackers exploit their vital systems.

Credentials are the big prize for hackers. In a study of 905 phishing attacks, the vast majority—91 percent—were after user credentials. 

Verizon found that “63% of confirmed data breaches involved leveraging weak, stolen or default passwords.” Further, Verizon reported that 93% of data breaches occurred within minutes, while 83% weren’t discovered for weeks.

The time between a breach and its discovery is where the real damage from a cyber attack occurs. Hackers can exploit stolen credentials to install malware on an employee’s computer and in your network. The malware can extract sensitive information before you know your system has been compromised.

A common means by which hackers infiltrate corporate systems is by phishing attacks. A common phishing attack is to send out a seemingly legitimate email that asks the recipient to reset a password. When the recipients clicks on the link and enters their current password information, the hacker has it.

Another alarming statistic from the Verizon report is that 30% of phishing emails are opened and 12% of the links are clicked. Clicking on the link can result in more than just a stolen password – it could also be the means by which malware is installed on the system.

Why You Should Worry About Stolen Credentials

Many IT professionals feel that stolen credentials aren’t a problem because they come from a third-party (for example, an employee’s corporate email credentials are stolen from a retail website.) The Verizon report clearly shows why stolen third-party credentials are a problem.

Here are three examples of how stolen third-party credentials can impact your corporate network:

  1. Hackers use social engineering to breach corporate systems. For example, an employee’s credentials are stolen from a banking phishing attack. The first thing the hacker will do is try to access the corporate system using the same password or variations of it (for example, substituting a ! for a 1.) This tactic is surprisingly effective.
  2. Hackers install malware on an employee’s computer. When an employee clicks on a link in a phishing email, it could trigger the installation of malware on their computer. A common tactic is to install key logging software, which allows the hacker to access login information to the corporate system.
  3. Hackers install malware that ends up on the corporate network. Similar to the tactic described above, the malware could be spread to the corporate network when the employee logs in. This could begin the process of extracting sensitive corporate data and intellectual property.

Damages from a data breach can be huge. In addition to the direct costs of restitution, restoration and fines, indirect costs of reputational damage and lost sales can be staggering.

The reality is that no system is 100% impenetrable. However, a hardened defense can send hackers looking for an easier target. Two factor authentication, biometrics, strong passwords and employee security training are some of the ways you can make yourself a hard target.

If your network is breached, the key to limiting the damage is quick detection. The primary reason hackers do what they do is greed – they are looking for ways to quickly sell the data that they steal. Most hackers will try to sell stolen credentials on the Dark Web.

A stolen credential monitoring tool like Dark Web ID (offered by EnhancedTECH) will quickly alert you if your organization’s credentials are being offered for sale.

If you’d like to learn more about stolen credentials monitoring, please contact us at 714-970-9330 x290 or contact us at [email protected]

Samantha Keller

Director of Marketing and PR at EnhancedTECH
Samantha Keller (AKA Sam) is a published author, tech-blogger, event-planner and mother of three fabulous humans. Samantha has worked in the IT field for the last fifteen years, intertwining a freelance writing career along with technology sales, events and marketing. She began working for EnhancedTECH ten years ago after earning her Bachelor’s degree from UCLA and attending Fuller Seminary. She is a lover of kickboxing, extra-strong coffee, and Wolfpack football.Her regular blog columns feature upcoming tech trends, cybersecurity tips, and practical solutions geared towards enhancing your business through technology.
Samantha Keller

Latest posts by Samantha Keller (see all)

Leave a Comment
Read previous post:
World Cup
New Phishing Scams Plague World Cup

It's soccer time! The 2018 FIFA World Cup attracts a worldwide audience. It's also a magnet for phishing scams using...