Identity Attacks Overtake Exploits as Top Ransomware Cause

Summary

Email-based attacks have surpassed exploit kits as the primary entry point for ransomware. Despite widespread adoption of multifactor authentication (MFA), it was ineffective in 97% of credential-based attacks, failing to prevent compromise.

IFF Assessment

FOE

This is bad news for defenders as it indicates that attackers are successfully circumventing common security measures like MFA through sophisticated social engineering and credential-based attacks.

Defender Context

Defenders need to re-evaluate their email security strategies and investigate why MFA is failing in a majority of credential-based attacks. This suggests a need for more robust user training on phishing and social engineering, as well as exploring advanced threat detection methods that can identify and block these more sophisticated attacks.

Read Full Story →