Ciptor Safe News January 2023

2023-01-12

Cyberattacks are on the raise!

The long-standing, oft-deferred security threat posed by password-based authentication is now front and center. Some of the most damaging cyberattacks in the past year were caused or enabled by weak password protection. For example, the Colonial Pipeline breach that shut down fuel supply operations to the eastern United States was traced to a single compromised password. This untenable risk, along with growing regulatory pressures such as the the 2021 Executive Order on Cybersecurity’s Zero Trust mandate, are prompting more organizations to turn to passwordless options. There’s growing recognition that passwordless security approaches can provide significantly better protection and user experience as well as cost savings. To further clarify the state and direction of passwordless authentication, we conducted our second annual survey among IT and security professionals across the globe.

As organizations look for opportunities to do more with less, they’re no doubt considering how security teams can contribute. With that in mind, I’d like to share priorities for 2023 that will pay off in the long run:

  • Traditional multi-factor authentication (MFA) methods are increasingly under attack. These include Remote Desktop Protocol (RDP) attacks, account takeover (ATO) fraud, phishing, man-in-the-middle (MitM) attacks, credential stuffing and push attacks.
  • Remote work continues to be the main driver for passwordless authentication, especially against the backdrop of the significant increase in phishing attacks in recent years.
  • Organizations face serious security gaps due to insecure authentication methods based on secret-sharing.
  • Protect against identity compromise. 
  • Modernize identity security to do more with less.
  • Protect access holistically by configuring identity and network access solutions to work together.
  • Verify remote users in a cheaper, faster, more trustworthy way.

Credential attacks are on the raise

Given the vast troves of stolen passwords on the dark web, easily available automated attack tools, and people’s penchant for password reuse, it’s unsurprising that credential stuffing attacks and phisihing continues to grow. Phishing remains at an all time high with 89% of respondents revealing that their organizations experienced at least one phishing attack due to the HYPR, 2022 State of Passwordless Security Report.

 

Manage cookie settings
This website uses cookies to make our services work, and that’s why some cookies are necessary and can’t be declined. We use cookies to give you the best user experience possible. You can manage your cookies in the next session.
Cookie settings
Cookie settings
Necessary Cookies
These Cookies are necessary for our website to work and can’t be turned off. The Cookies are usually only activated when you, for example, fill out a form or create or log in to your account. They don’t track any personal information.
Performance Cookies
These Cookies help us to track the number of visitors on our webpage. They also track where our visitors came from and how they found our website. We use this information to analyze how to make our website more user-friendly for our visitors and which landing pages are most relevant for our customers. The information that we store is, for example, what pages you visit when using our website.
Marketing Cookies
We use these Cookies to analyze how we can make our advertising better. The information helps us to learn more about our visitors and makes it possible to personalize ads based on your previous use of our services.