The five most common ways of hacking an organization all involve stolen credentials, “based on data from 75 organizations, 100 penetration tests, and 450 real-world attacks,” writes an anonymous Slashdot reader. In fact, 66% of the researchers’ successful attacks involved cracking a weak domain user password. From an article on Dark Reading:
Playing whack-a-mole with software vulnerabilities should not be top of security pros’ priority list because exploiting software doesn’t even rank among the top five plays in the attacker’s playbook, according to a new report from Praetorian. Organizations would be far better served by improving credential management and network segmentation…
“If we assume that 1 percent [of users] will click on the [malicious] link, what will we do next?” says Joshua Abraham, practice manager at Praetorian. The report suggests specific mitigation tactics organizations should take in response to each one of these attacks — tactics that may not stop attackers from stealing credentials, but “building in the defenses so it’s really not a big deal if they do”… [O]ne stolen password should not give an attacker (or pen tester) the leverage to access an organization’s entire computing environment, exfiltrating all documents along the way.
Similar results were reported in Verizon’s 2016 Data Breach Investigations Report.
Read more of this story at Slashdot.