Credential theft is a cybercrime involving the unlawful acquisition of an organisation’s or individual’s password(s) with the intent to access, abuse or exfiltrate critical data and information.
Often an early stage of a cyber-based attack, credential theft enables attackers to operate undetected throughout a network, reset passwords and wreak havoc within an organisation.
Overall, cybercriminals have become increasingly sophisticated and specific when targeting organisations as well as their users.
Often, they work to identify the users and their device(s), providing access to an influx of sensitive and highly confidential data, such as financials.
Credential-based attacks open the door for more repeatable attacks, as they allow threat actors to take on the identity of an individual who is authorised to access the targeted data, making every attack an insider threat.
Common methods used by cybercriminals include phishing, malware, brute-force attacks, exploiting weak or default credentials, credential stuffing and exploiting vulnerabilities.
The way credential theft is carried out, and how credentials are then used, can vary. Some of the threats worth being aware of include:
Phishing is an advanced social engineering attack that aims to entice the victim into voluntarily revealing sensitive information and depends on a specific narrative or image to present itself as legitimate. Cybercriminals use phishing to induce individuals to reveal personal information, such as passwords and credit card numbers.
A credential stuffing attack occurs when a cybercriminal uses a set of credentials to attempt to gain access to several accounts at once. This method is very effective as almost two-thirds of internet users reuse their passwords.
Similar to credential stuffing, password spraying depends on a username rather than a full set of credentials. This method involves taking a verified username and inputting it into several accounts in combination with common passwords. If a user doesn’t practise good password habits, most or all of their accounts can be jeopardised by guessing common passwords.
Identifying credential theft attacks early and mitigating them in seconds is critical when working to protect sensitive data.
Detecting these kinds of patterns is error-prone and time-consuming, as it is often a manual effort without the right security tools.
Further, many tools that apply a basic anomaly detection approach to the problem inundate the system with false positives, adding further operational overhead for the security team.
Advanced network traffic analysis tools that utilise a combination of machine learning approaches are currently available that can overcome many of these shortcomings and can autonomously hunt for credential theft.
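The login patterns described above can be looked for in an authentication log with a sliding-window count, shown here as an added example that is not part of the original page. The log layout, the sample events (constructed, using documentation-range IP addresses) and the thresholds are assumptions; a single mistyped password, like the last user's, stays below both thresholds and raises no alert.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: timestamp, source IP, username, outcome.
# The field layout is an assumption, not a real product's log format.
SAMPLE_LOG = """\
2024-05-01T10:00:01 203.0.113.7 alice FAIL
2024-05-01T10:00:03 203.0.113.7 bob FAIL
2024-05-01T10:00:05 203.0.113.7 carol FAIL
2024-05-01T10:00:08 203.0.113.7 dave FAIL
2024-05-01T10:00:09 203.0.113.7 erin OK
2024-05-01T10:01:00 198.51.100.4 frank FAIL
2024-05-01T10:01:10 198.51.100.4 frank FAIL
2024-05-01T10:01:20 198.51.100.4 frank FAIL
2024-05-01T10:01:30 198.51.100.4 frank FAIL
2024-05-01T10:01:40 198.51.100.4 frank FAIL
2024-05-01T10:02:00 192.0.2.10 grace FAIL
2024-05-01T10:02:30 192.0.2.10 grace OK
"""

def parse(log_text):
    """Yield (timestamp, ip, user, outcome) tuples from whitespace-separated lines."""
    for line in log_text.splitlines():
        ts, ip, user, outcome = line.split()
        yield datetime.fromisoformat(ts), ip, user, outcome

def detect(log_text, window=timedelta(minutes=5), min_users=4, min_fails=5):
    """Return sorted (kind, key) alerts from failed logins inside a sliding window."""
    by_ip, by_user = defaultdict(list), defaultdict(list)
    alerts = set()
    for ts, ip, user, outcome in sorted(parse(log_text)):
        if outcome != "FAIL":
            continue
        by_ip[ip].append((ts, user))
        by_user[user].append(ts)
        # Drop events that have fallen out of the window before counting.
        by_ip[ip] = [(t, u) for t, u in by_ip[ip] if ts - t <= window]
        by_user[user] = [t for t in by_user[user] if ts - t <= window]
        # One source failing against many different accounts.
        if len({u for _, u in by_ip[ip]}) >= min_users:
            alerts.add(("many_accounts_one_source", ip))
        # One account receiving repeated failed guesses.
        if len(by_user[user]) >= min_fails:
            alerts.add(("many_failures_one_account", user))
    return sorted(alerts)

if __name__ == "__main__":
    for kind, key in detect(SAMPLE_LOG):
        print(kind, key)
```

Raising `min_users` or shortening `window` trades missed detections for fewer false positives, which is the tuning burden the basic approach carries.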
Consumers’ best protection against stolen credentials being used against them is to regularly change passwords and use multi-factor authentication wherever possible.