Not all exposed usernames and passwords present a threat. Here's how to quickly identify the ones that do.
September 2, 2020
With more than 15 billion exposed credentials currently available online, security teams need a formal process for quickly identifying the ones that might pose a threat to their organizations.
A study that Digital Shadows conducted earlier this year found that two-thirds of the credentials available on Dark and Clear Web markets are duplicates, and 80% of them are in cleartext format. Many are employee credentials that pose a significant risk to organizations in the hands of cybercriminals.
It's the security team's role to assess all of their exposed employee credentials to ascertain whether those credentials could enable attackers to take over accounts and gain access to internal systems, says Michael Marriott, manager of product marketing at Digital Shadows.
Security admins need to determine whether an exposed credential poses a risk to the business or whether it is no longer a threat because it is associated with a user who has left the organization, has expired, or another reason. Given that billions of credentials are exposed every year, this can be time-consuming, he says.
"This is a real challenge, and a practical solution requires a methodical approach that is less whack-a-mole," Marriott says. "Security teams spend a lot of time reassessing the same credential pair and wasting their time. If the security team has reset the password of a user who has had their credential breached, there is no need to do so every time that password resurfaces."
The following are five tips for triaging the risk associated with breached credentials.
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024