Regardless of the point of origination of a data breach incident, the majority of attacks are after user identity and authentication systems. Verizon found that 76 percent of network intrusions took advantage of weak or stolen usernames and passwords.
“The identity management system is under attack here,” Jacobs said. “We’re seeing a targeting of credentials and that is all about being able to move around in an environment.”
With a credential, the attacker can log into systems in what might appear to be legitimate access to an enterprise.
The way that attackers go after identity information can take multiple forms, including SQL injection, phishing attacks and brute force attacks against authentication systems.
“So, for example, attackers can be scanning the internet looking for an open remote administration service, and once they find one, they try to brute force the password,” Jacobs said. “Once they get in, they might install a keylogger to collect information as well as additional valid credentials.”
Read the full story at eSecurity Planet:
Identity Loss is the Leading Data Breach Attack
Sean Michael Kerner is a senior editor at InternetNews.com, the news service of the IT Business Edge Network, the network for technology professionals Follow him on Twitter @TechJournalist.