top of page

Contemplating the Value of Identity Abuse for Attackers

Updated: Feb 1

In the world of identity threats, it is crucial to distinguish the various ways in which an entity can be identified and authenticated in a system. While the majority of interactive intrusions detected by Falcon OverWatch involve the abuse of valid accounts, primarily through combinations of usernames and passwords, it is common for intrusions to exploit other authentication factors and identifying materials.


Cybersecurity confronts us with a variety of methods for identification and authentication, each with its own strengths and weaknesses. From the classic combination of username and password to sophisticated biometric authentication, such as facial and voice recognition, the digital security landscape is diverse.


Thus, the current state of abuse of digital identities highlights attackers' intentions to go beyond usernames and passwords. Our analysis indicates that the use of technologies like Single Sign-On (SSO) and Second Factor Authentication (2FA) or Multi-Factor Authentication (MFA) could incentivize threat actors to employ more sophisticated methods parallel to classic authentication approaches.


 Our analysis indicates that the use of technologies like Single Sign-On (SSO) and Second Factor Authentication (2FA) or Multi-Factor Authentication (MFA) could incentivize threat actors to employ more sophisticated methods parallel to classic authentication approaches.
Beyond Usernames and Passwords

Image #1 (Figure 7.): Commonly Observed Methods of Identification and Authentication - CrowdStrike Threat Hunting Report 2023


Some of the most frequent methods of identification and authentication, from the classic use of usernames and passwords to advanced technologies such as facial recognition and security tokens.


Comentarios


Join the Club!

Our mailing list makes it easy to send market updates and opinion pieces from our cybersecurity experts.

Thanks for suscribing!

bottom of page