Experts Reacted On Corporate Credentials On The Dark Web Up By 429% This Year

There has been a 429% growth in the number of corporate credentials with plaintext passwords on the dark web so far this year, according to Arctic Wolf’s 2020 Security Operations Annual Report. This amounts to an average of 17 separate sets of credentials per a typical organization, leaving businesses particularly vulnerable to account takeover attacks (ATO). This is despite a year-on-year decline in publicly disclosed data breaches, which Arctic Wolf attributes to “alert fatigue”, in which overworked IT and security professionals increase alert thresholds, leading to less reporting of incidents.

Experts Comments

October 07, 2020
Niamh Muldoon
Senior Director of Trust and Security, EMEA
OneLogin
This substantial increase in exposed credentials and the use of unsecured Wifi risks seeing a sharp rise in cyberattacks in the coming months and years. End-users, particularly high-value targets, need to strive for greater security consciousness. The first step is through changing their passwords and making sure that this is not reused across accounts. It also means taking into account what assets they have in their possession, applying strong multi-factor authentication, and ensuring.....Read More
This substantial increase in exposed credentials and the use of unsecured Wifi risks seeing a sharp rise in cyberattacks in the coming months and years. End-users, particularly high-value targets, need to strive for greater security consciousness. The first step is through changing their passwords and making sure that this is not reused across accounts. It also means taking into account what assets they have in their possession, applying strong multi-factor authentication, and ensuring monitoring as well as alerting mechanisms are in place.  Read Less
October 07, 2020
Chad Anderson
Research Engineer
DomainTools
All but encouraging, the figures reported by Arctic Wolf’s Security Operations Annual Report confirm what security teams have observed since the start of the pandemic. Challenges have changed in nature and increased in number as cybercriminals – as per usual – exploited a global crisis to ramp up their efforts. Phishing attempts, especially, are a threat that tends to increase around significant geopolitical events as threat actors try to leverage people’s fears and desire for.....Read More
All but encouraging, the figures reported by Arctic Wolf’s Security Operations Annual Report confirm what security teams have observed since the start of the pandemic. Challenges have changed in nature and increased in number as cybercriminals – as per usual – exploited a global crisis to ramp up their efforts. Phishing attempts, especially, are a threat that tends to increase around significant geopolitical events as threat actors try to leverage people’s fears and desire for information to get them to click on the wrong link. In light of this report, organisations are advised to audit their security posture and ideally change their employees' credentials to avoid account takeover attacks. Furthermore, 2FA or, better, MFA should be enabled wherever possible, especially for admin accounts, whose sessions should also be monitored to spot the signs of a compromise before it’s too late.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.