Close this search box.

Credential theft and exploitation

How to protect yourself and your business.

There will be 4x more supply chain attacks in 2021*

Credential theft is a cybercrime involving the unlawful attainment of an organisations’ or individual’s password(s) with the intent to access, abuse or exfiltrate critical data and information.

Often an early stage of a cyber-based attack, credential theft enables attackers to operate undetected throughout a network, reset passwords and wreak havoc within an organisation.

How credential theft occurs

Overall, cybercriminals have become increasingly sophisticated and specific when targeting organisations as well as their users.

Often, they work to identify the users and their device(s), providing access to an influx of sensitive and highly confidential data, such as financials.

Credential-based attacks open the door for more repeatable attacks, as they allow threat actors to take on the personality of an individual that is authorised to access targeted data, making every attack an insider threat.

Common methods used by cybercriminals include Phishing, Malware, Brute Force Attacks, Exploiting Weak/Default credentials, Credential Stuffing and Exploiting Vulnerabilities.


The Risks

Cyber threats related to credential theft

The way credential theft is carried out, and how credentials are then used, can vary. Some of the threats worth being aware of include:

Phishing is an advanced social engineering attack that aims to entice the victim into voluntarily revealing sensitive information and depends on a specific narrative or image to present itself as legitimate. Cybercriminals use phishing to induce individuals to reveal personal information, such as passwords and credit card numbers.

A credential stuffing attack occurs when a cybercriminal uses a set of credentials to attempt to gain access to several accounts at once.  This method is very effective as almost two-thirds of internet users reuse their passwords.

Similar to credential stuffing, password spraying depends on a username rather than a full set of credentials. This method involves taking a verified username and inputting it into several accounts in combination with common passwords. If a user doesn’t carry out good password habits, most or all of their accounts can be jeopardised by guessing common password.

of cloud data breaches involve credential tehft
Stolen credentials in circulation
Volume of annual credential spill incidents in the last 4 yeasrs
Records exposed in data breaches in Q1/2 2021


Detecting Credential Theft

Identifying credential theft attacks early and mitigating them in seconds is critical when working to protect sensitive data.

Detecting these kinds of patterns is error prone and time confusing as it is  often a manual effort without the right security tools.

Further, many tools that  apply a basic anomaly detection approach to the problem inundate the system with false positives and thus adding further operational overhead for the security team. 

Advanced network traffic analysis tools that utilise a combination of machine learning approaches are currently available that can overcome many of these shortcomings and can autonomously hunt for credential theft.


Our advice and recommendations

Consumers’ best protection against stolen credentials being used against them is to regularly change passwords and use multi-factor authentication wherever possible.

The latest on Ransomware

Gridware is proud to be a thought-leader in cybersecurity, creating and leading conversations in this space. Check out a selection of our published work from our Sydney based Cyber Defence Centre (CDC), and learn how our cyber expertise has led to partnerships with leading Australian Universities.

Investigation Underway for Major Data Breach Impacting Over 1 Million NSW Club and Merivale Customers

Qantas App Glitch Exposes Personal Data as Users Accidentally Access Others’ Accounts

MediaWorks New Zealand Data Breach Exposes 2.4 Million

Investigation Underway for Major Data Breach Impacting Over 1 Million NSW Club and Merivale Customers

Qantas App Glitch Exposes Personal Data as Users Accidentally Access Others’ Accounts

MediaWorks New Zealand Data Breach Exposes 2.4 Million

LockBit’s Back After Police Takedown

Tangerine Telecom Breach Hits 232,000 Customers

Leak Reveals Spyware Created by Chinese Government Contractor

How Gridware can help

Security Assessments

As a provider of CREST-approved penetration testing as well as vulnerability assessment, social engineering and red teaming services, Redscan’s ethical hacking team has extensive experience of assessing organisations’ technology, personnel and processes against the latest attack techniques and helping organisations to address them.

Threat Detection

Detecting a supply chain attack quickly is the key to ensuring the damage isn’t irreversible. Firewalls and antivirus software are not enough to protect you against the latest threats. Our certified security professionals employ cutting-edge threat intelligence to hunt for malware and other cyber threats and help quickly shut them down.

Training & Awareness

Your users are your last line of defence. Educate them about the latest email threats, and ensure they understand their fraudulent nature and know how to report them to your security teams. Gridware security awareness training and phishing simulation provides all necessary tools to train your users to recognise and report phishing emails, which will prevent email fraud and data loss.

Protect your data

If threat actors take control of your data, there’s no need to pay a ransom or go through a difficult and tedious recovery process — if you have a strong, modern, easy-to-use backup solution. We offer superior backup solutions — on-premises or in the cloud — that make it simple and fast to restore an up-to-date copy of any file, whether you’re restoring an entire server or specifically selecting files to restore.


Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235


Learn more about the team at the forefront of the Australian Cyber Security scene.

About Us →

Meet the Team →

Partnerships →

Learn more about the team at the forefront of the Australian Cyber Security scene.

Career Opportunities →

Internships →

Media appearances and contributions by Gridware and our staff.

See More →



Whether you need us to take care of security for you, respond to incidents, or provide consulting advice, we help you stay protected.

View all services →

Web App Pen. Test Calculator →

Network Pen. Test Calculator →

Governance & Audit

Legal and regulatory protection

Penetration Testing

Uncover system vulnerabilities

Remote Working & Phishing

Fortify your defenses

Cyber Security Strategy

Adaptation to evolving threats

Cloud & Infrastructure

Secure cloud computing solutions

Gridware 360

End-to-end security suite

Gridware Managed Services

Comprehensive & proactive security

Gridware CloudControl

Harness the benefits of cloud technology

Gridware Incident Response 24/7

Swift, expert-led incident resolution



A collection of our published insights, whitepapers, customer success stories and more.

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

Read More →