Insights from Incident Responders and Tips for Protecting Your Organization
Understanding Today’s Threat Actors
- The cyberthreat landscape constantly changes, posing significant challenges for security professionals. Threat actors often evade traditional prevention-oriented security controls.
- In the first half of 2023, threat actors utilized valid credentials most often to gain entry to a corporate network and then disabled defenses to remain hidden.
- This offered them plenty of time for network discovery, lateral movement, and data collection before exfiltrating and encrypting that data.
- While attackers’ increasingly sophisticated activities should sound alarm bells, that same sophistication provides organizations ample opportunity to stop these attacks before a threat actor can achieve their objectives.
- With all the investments made in prevention-oriented cybersecurity capabilities over the years, organizations often question how threat actors continue to find their way into corporate networks.
- Were the established security controls ineffective? Were there gaps between those controls that let adversaries slip through the cracks? Were employees tricked into downloading files that allowed a cybercriminal to access the network? While the answer to these questions is sometimes “yes,” threat actors often used valid credentials as their entry mechanism, followed by exploiting public-facing applications.
- In fact, in the past six months, more than two-thirds of breaches we investigated resulted from adversaries using valid accounts to gain access. Valid credentials are readily sought and made available on the dark web for this purpose.
- There is a whole category of “initial access brokers” providing means of entry, including credentialed access.
White Paper from Technology Trends