A new survey by Verizon Communications has highlighted the growing threat of hacktivists to organisations online. According to the survey this new group of hackers was responsible for more data breaches than those looking to steal data and resources, as we have seen in the past.
The survey pointed to the number of breaches that occurred due to the exploitation of default/guessable credentials and the use of stolen login credentials (aka identity theft), both of which sit at numbers two and three respectably in the rank of type of breach. Both are factors that can easily be prevented and it is shocking to see that such breaches are still so common.
DigitalPersona, a provider of multi-factor authentication and access management solutions, sees the results of this survey as a wake-up call to those organisations that may take for granted the importance of strong user credentials. In particular it is quite alarming to see that the number two most used tactic, the exploitation of default/guessable credentials ie. user-name and password, is still a viable means to hack into an organisations network.
In addition to factors such as PIN, passwords and smart cards, biometrics can assist in securing access to computers and information, ensuring that only authorised users can access the network.
Ben Boulnois, EMEA director, DigitalPersona, said: “Threats to online security have been around for years, but it is only recently that we have seen the threat changing, with hacktivists attacking organisations for political means amongst others. However, there is still a huge threat to the data, resources, and security of organisations, corporations and governments from cyber thieves and internal employees, who have not disappeared by any means. As this survey reveals there is still a huge complacency when it comes to attitudes to even the most basic methods of security authentication.”
In light of this survey it is apparent the firm says that organisations need to educate their workforce on how to maintain secure authentication details, ie. not relying on default or easy to guess log-in information. It is also important for the organisations themselves to install the appropriate security tools for their workforce, ensuring that basic breaches don’t occur due to a lack of proper authentication methods.
