There has been a 429% growth in the number of corporate credentials with plaintext passwords on the dark web so far this year, according to Arctic Wolf’s 2020 Security Operations Annual Report. This amounts to an average of 17 separate sets of credentials per a typical organization, leaving businesses particularly vulnerable to account takeover attacks (ATO). This is despite a year-on-year decline in publicly disclosed data breaches, which Arctic Wolf attributes to “alert fatigue”, in which overworked IT and security professionals increase alert thresholds, leading to less reporting of incidents.
This substantial increase in exposed credentials and the use of unsecured Wifi risks seeing a sharp rise in cyberattacks in the coming months and years. End-users, particularly high-value targets, need to strive for greater security consciousness. The first step is through changing their passwords and making sure that this is not reused across accounts. It also means taking into account what assets they have in their possession, applying strong multi-factor authentication, and ensuring monitoring as well as alerting mechanisms are in place.
All but encouraging, the figures reported by Arctic Wolf’s Security Operations Annual Report confirm what security teams have observed since the start of the pandemic. Challenges have changed in nature and increased in number as cybercriminals – as per usual – exploited a global crisis to ramp up their efforts. Phishing attempts, especially, are a threat that tends to increase around significant geopolitical events as threat actors try to leverage people’s fears and desire for information to get them to click on the wrong link.
In light of this report, organisations are advised to audit their security posture and ideally change their employees\’ credentials to avoid account takeover attacks. Furthermore, 2FA or, better, MFA should be enabled wherever possible, especially for admin accounts, whose sessions should also be monitored to spot the signs of a compromise before it’s too late.