Account takeover attacks are among top security concerns

Security concept

A new study reveals that 60 percent of security leaders in the UK cite account takeover attacks as one of the top four most concerning cyber threats.

The survey from Abnormal Security shows 75 percent of UK survey participants report that their organization has been impacted by an account takeover attack at least once over the past year.

In addition more than a third of organizations (37 percent) were impacted by account takeover attacks more than five times over the past year, while 13 percent have experienced more than 10 significant account takeover attacks.

"A single instance of cloud account compromise can be extremely damaging, as they create critical point of entry that can give attackers immediate access to company or customer data, create a launchpad for additional attacks or fraudulent transactions, and allow movement across additional applications and connected platforms," says Evan Reiser, CEO at Abnormal. "What's even more concerning is that these attacks are no longer limited to just email. Today's cloud application ecosystems are increasingly broad, interdependent, and complex. And as these apps proliferate, they open up additional entry points, each with their own distinct risks if compromised."

Commonly used strategies to protect against this threat include implementing fraud detection mechanisms such as multi-factor authentication (MFA) and strong password use. However, the majority of survey participants are skeptical of both MFA (62 percent) and single sign on (63 percent) as effective tools to prevent account takeover attacks. Alternative solutions are being sought, with 99 percent believing that implementing a solution for detecting and automatically remediating compromised accounts in cloud services would greatly improve their defenses.

You can get the full report from the Abnormal site.

Image credit: ArtemisDiana/depositphotos.com

Comments are closed.

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.