The password-creation rules organizations put in place push people toward reusing the same password across multiple sites and services. Between complexity policies that require numbers, capital letters and special characters in a password, and the restrictions on usage and expiration, people want to remember as few passwords as possible, Cybereason CISO Israel Barak told CSO Online last week.
Attackers, however, know that people reuse user names and passwords, and they take log-in credentials stolen from one service and try them against others, a technique known as credential stuffing. In other words, one data breach can lead to secondary compromises, a scenario that played out after the recent LinkedIn breach: hackers exfiltrated LinkedIn log-in credentials and used those user names and passwords to access Citrix's GoToMyPC service.
Barak shared his view on this secondary attack, explaining that two types of attackers would be interested in these credentials. One group would conduct targeted attacks on specific individuals or organizations in an attempt to reach sensitive information, he said. Other threat actors would run broader campaigns against unspecified targets, trying the stolen credentials against social media and financial services.
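The broad, untargeted campaign Barak describes has a recognizable shape in a service's own authentication logs: one source walks through a long list of different accounts, most attempts fail, and the handful that succeed are the users who reused a password from the breached site. The script below is an added example written for this post, not code from Cybereason, CSO Online or Citrix. The log format, the IP addresses, the user names and the thresholds (at least five distinct accounts from one source, no more than half of attempts succeeding) are all assumptions made for illustration; a real deployment would read its own auth logs and tune the thresholds to its traffic.

```python
"""Flag credential-stuffing sources in an authentication log and list the
accounts that authenticated from them (likely password reuse victims)."""
import re
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed sample log (not captured from any real system). 203.0.113.7
# tries eight different accounts and gets into two of them; 198.51.100.9 is
# one user mistyping a password once; 192.0.2.44 is an ordinary login.
SAMPLE_LOG = """\
2016-06-20T10:00:01Z auth src=203.0.113.7 user=alice result=FAIL
2016-06-20T10:00:02Z auth src=203.0.113.7 user=bob result=FAIL
2016-06-20T10:00:03Z auth src=203.0.113.7 user=carol result=OK
2016-06-20T10:00:04Z auth src=203.0.113.7 user=dave result=FAIL
2016-06-20T10:00:05Z auth src=203.0.113.7 user=erin result=FAIL
2016-06-20T10:00:06Z auth src=203.0.113.7 user=frank result=FAIL
2016-06-20T10:00:07Z auth src=203.0.113.7 user=grace result=OK
2016-06-20T10:00:08Z auth src=203.0.113.7 user=heidi result=FAIL
2016-06-20T10:01:00Z auth src=198.51.100.9 user=alice result=FAIL
2016-06-20T10:01:05Z auth src=198.51.100.9 user=alice result=OK
2016-06-20T10:02:00Z auth src=192.0.2.44 user=ivan result=OK
"""

# Assumed log line layout: "<timestamp> auth src=<ip> user=<name> result=OK|FAIL"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) auth src=(?P<src>\S+) user=(?P<user>\S+) result=(?P<result>OK|FAIL)$"
)


@dataclass
class Event:
    ts: str
    src: str
    user: str
    ok: bool


@dataclass
class SourceStats:
    attempts: int = 0
    succeeded: int = 0
    users: set = field(default_factory=set)        # distinct accounts tried
    compromised: set = field(default_factory=set)  # accounts that let the source in

    @property
    def success_ratio(self) -> float:
        return self.succeeded / self.attempts if self.attempts else 0.0


def parse_log(text: str) -> list[Event]:
    """Turn raw log text into Event records; lines that do not match are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        events.append(Event(m["ts"], m["src"], m["user"], m["result"] == "OK"))
    return events


def profile_sources(events: list[Event]) -> dict[str, SourceStats]:
    """Aggregate attempts, successes and distinct accounts per source address."""
    stats: dict[str, SourceStats] = defaultdict(SourceStats)
    for e in events:
        s = stats[e.src]
        s.attempts += 1
        s.users.add(e.user)
        if e.ok:
            s.succeeded += 1
            s.compromised.add(e.user)
    return dict(stats)


def find_stuffing_sources(events: list[Event], min_users: int = 5,
                          max_success_ratio: float = 0.5) -> dict[str, list[str]]:
    """Return {source: sorted accounts it logged into} for each source that
    tried many distinct accounts and mostly failed. Thresholds are assumed
    defaults. Accounts that succeeded from such a source very likely share a
    password with another site and should be reset and reviewed."""
    flagged = {}
    for src, s in profile_sources(events).items():
        if len(s.users) >= min_users and s.success_ratio <= max_success_ratio:
            flagged[src] = sorted(s.compromised)
    return flagged


if __name__ == "__main__":
    for src, accounts in find_stuffing_sources(parse_log(SAMPLE_LOG)).items():
        print(f"credential stuffing from {src}; reset accounts: {', '.join(accounts)}")
```

The single-user source with one failure and one success is deliberately not flagged: a legitimate user retyping a password looks nothing like a list being replayed, and alerting on it would bury the real signal. Attackers who spread a campaign across many source addresses will stay under the per-source threshold, so a production detector would also aggregate by time window, user agent or ASN; the per-source view here is the simplest version of the pattern.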
Read the full article on CSO.com.
Fred O'Connor is Cybereason's senior content writer.