Preventing Hackers From Pilfering Another Million Business Customers

2021 was (sadly) the year for hackers– from the continuous rise of ransomware to new phishing scams creeping onto the scene. It has only just been revealed a record-breaking 17 million customer accounts were stolen by hackers from 17 companies, as a critical consequence from credential stuffing attacks. 

Subscribe
Notify of
guest

1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Jason Soroko
Jason Soroko , CTO of PKI
InfoSec Expert
January 7, 2022 8:04 pm

<p>Credential stuffing attacks like this one can easily be avoided with passwordless authentication technologies. Passwords offer weak security and are an outdated form of authentication. This shared secret method makes it too easy for a malicious party to guess, steal, or socially engineer their way into a network to access sensitive data. </p>
<p>Passwordless authentication is a highly secure alternative. Enterprises should implement next-generation identity management with Public Key Infrastructure (PKI)-based authentication. Digital certificates work behind the scenes via a much stronger form of secret: A cryptographic key pair consisting of a public key and a private key — to ensure that sensitive information stays private and locked away from bad actors. Enterprises today can’t continue relying on pre-pandemic cybersecurity approaches. Strong digital identity security centered around passwordless authentication is key.</p>

Last edited 10 months ago by Jason Soroko
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x