Verizon recently released its yearly Data Breach Investigations Report and as always, the report is a very informative read. The report gathered information from more than 64,000 security incidents worldwide in 2015, 2,260 of which were actual data breaches.
One of the report’s most alarming statistics reveals that legitimate user credentials were used in most 2015 data breaches. Particularly, Verizon reports that legitimate user credentials were used in the majority of 2015’s data breaches, with some 63% of users using stolen, weak, or default credentials.
“I knew credentials were a thing, obviously. What I wouldn’t have thought was that over half [of breaches] involved credentials,” Marc Spitler, senior manager at Verizon Security Research, and co-author of the report says. “I knew it was a significant issue and knew we wanted to talk about it in the report, but I didn’t quite know it would be that high.”
Stolen credentials tops the list of threat action varieties associated with attacks involving legitimate credentials, followed by C2 malware, exporting of data, phishing, and keyloggers.
These findings underscore the importance of awareness among businesses and government agencies on password management controls to combat this attack mechanism.