Credential theft: A growing cybersecurity threat

Jerry Brodnax, June 22, 2018
Cybercriminals may be lurking on your organization’s network, masquerading as a legitimate employee. Attackers use various ways to steal user names, passwords and other credentials so they can maneuver undetected through a business’s network for nefarious purposes.
 
Credential theft: a growing cybersecurity threat
 
 
Experts believe credential theft is a growing cyberthreat for businesses of all sizes. Microsoft found 63% of all network intrusions and data breaches were due to compromised user credentials.
 
Credential theft enables cybercriminals to pose as an employee and access the company’s network, data and intellectual property. Attackers may attempt to steal funds, plant malware or engage in other harmful activities.
 
Cybercriminals generally obtain employee user names and passwords through social engineering tactics such as phishing, pretexting and business email compromise. These attacks manipulate computer users and trick them into unwittingly giving up their login information and other credentials. Let’s take a brief look at each tactic:
  • Phishing usually involves an email message sent to an employee. It contains a malicious attachment or link, and the goal is to entice the employee to click on it. Once this is done, the employee’s credentials are required to continue. The email address and graphics appear to be legitimate, so the employee is lulled into a false sense of security and willingly surrenders credentials.
  • Pretexting uses a false story to gather information or influence employee behavior. The cybercriminal sends an email, text or phone call and claims to be a trusted partner requesting the employee log in or provide credentials to rectify a problem.
  • Business email compromise involves a hacker posing as a company executive and making an email request of a junior employee, usually to transfer funds to a seemingly legitimate account. Both the compromised email account and the destination bank account are bogus. 
Some cybercriminals steal corporate credentials to sell them on the “darknet,” the black market for stolen information. Stolen credentials have value because most employees don’t change their passwords often and frequently reuse passwords on multiple accounts.
 
How to protect against credential theft
To minimize the threat of credential theft, companies should consider taking the following actions:
  • Raise employee awareness of the threat of credential theft and the importance of protecting company networks and proprietary data. 
  • Provide ongoing employee training on credential theft and conduct employee testing to complement network security protocols and programs. 
  • Develop strong protocols for creating passwords. Weak passwords or the use of default passwords allow cybercriminals to easily access company systems and data.
  • Establish protocols that require employees to change passwords every three months. Employees should use different passwords for each of their applications.
  • Forbid employees from using passwords for their personal accounts that are the same as their corporate credentials.
  • Use security software to look for transmissions of password-based technology to unknown sites and block those platforms, even if data leakage has not yet occurred. 
  • Limit the use of corporate credentials to approved websites and block their use for unknown applications and sites.
  • Require multifactor authentication for corporate systems at the network level to protect critical applications and data.
      

Credential theft is a growing threat, and information and preparation are two of your best ways to minimize this risk. We’re ready to assist you with cybersecurity tips and all your business banking needs.