Identification and Verification is the foundation of security and we’re seeing significant evidence of its critical importance in the common trend of password- and credential-focused risks throughout the 2nd quarter of 2018. Regardless if it’s an elusive Identity-stealing malware or a brute force login attack, cyber attackers are adamant and concentrated on hacking passwords for easy access to sensitive data and network information.
A recent study from the WatchGuard Threat Lab revealed that almost half of national governments’ and military employees’ social media passwords, largely from the US, were so weak that it’s enough to be cracked in less than two days.
According to the study:
Half or roughly 50% of Government and Military employees’ passwords are weak.
- A comprehensive analysis of the 2012 LinkedIn data dump to identify trends in user password strengths and compliance, the team found that half of all passwords associated with “.mil” and “.gov” email address domains within the database were objectively weak. The most common passwords used by these accounts included “123456,” “password,” “linkedin,” “sunshine,” and “111111.” Conversely, the team found that more than 50 percent of civilian passwords were weak. These findings further illustrate the need for stronger passwords for everyone, and a higher standard for security among public service employees that handle potentially sensitive information. In addition to better password training and processes, every organisation should deploy multi-factor authentication solutions to reduce the risk of a data breach.
Cryptocurrency Miners are the Top Malware Variant.
- Malicious Cryptominers are continuing to grow in popularity as a hacking tactic, making their way into WatchGuard’s top 10 malware list for the first time in 2018. The data shows that victims in the United States were the top geographical targets for this cryptominer, receiving approximately 75 percent of the total volume of attacks.
Mimikatz – the most common and persistent Malware infecting the government and military since the 2nd quarter of this year alone.
- Mimikatz is a well-known password and credential stealer that has been prevalent in past quarters but has never been the top strain. 27.2% from the Top-10 of all malwares, comprised of this variant alone. This surge in Mimikatz’s dominance suggests that authentication attacks and credential theft are still major priorities for cyber criminals.
Cyber Attackers often utilize malicious Office documents.
- Cyber Criminals continue to put bait on Office documents, exploiting old vulnerabilities in the popular Microsoft product to fool unsuspecting victims. Interestingly, three new Office malware exploits made WatchGuard’s top 10 list, and 75 percent of attacks from these attacks targeted EMEA victims, with a heavy focus on users in Germany specifically.
75 percent of malware attacks are delivered over the web.
- 76 percent of threats from Q2 were web-based, suggesting that organizations need an HTTP and HTTPS mechanism to prevent the vast majority of attacks. Ranked as the fourth most prevalent web attack in particular, “WEB Brute Force Login -1.1021” enables attackers to execute a massive deluge of login attempts against web applications, leveraging an endless series of random combinations to crack user passwords in a short period of time.