Harnessing the intelligence of AI, Conceal identifies emerging threats in real-time, ensuring you’re always a step ahead.
Credentials are the key to your kingdom and crown jewels. Weak credentials can lead to account takeovers, data breaches, and a variety of other cyberattacks. Once a threat actor has a legitimate set of user credentials, they are able to move undetected within the organization’s network, making it nearly impossible for security controls to pick up on the malicious activity.
In May of 2021, Colonial Pipeline, a key oil supplier for gasoline along the East Coast, fell victim to a ransomware attack. It is believed that the initial point of entry was an exposed password for a VPN account. The credentials are suspected to have been harvested through a dark web leak. During the ransomware attack, which left pipelines off for days, the attackers were able to steal 100 gigabytes of data within two hours.
While details of the SolarWinds breach are best found in our Supply Chain Vulnerabilities chapter, it is important to note the rumor that this attack was successful due to a weak password supplied by an intern. Because the intern used “solarwinds123” as a password, the credentials were easily compromised and leveraged by the threat actor. Since these legitimate credentials remained active, the threat actor was able to remain undetected for almost an entire year to plant the malicious code that was pushed out in a software update.
There are many measures an organization can take to help protect against credential-related vulnerabilities. For one, an organization should enforce a password policy. Specifically, MITRE recommends the enforcement of a minimum and maximum length, restrictions against password reuse, restrictions against using common passwords and restrictions against using contextual strings in the password (e.g., user id, app name). By providing a robust password policy, organizations are able to protect against brute-force attacks and other password cracking mechanisms. Additionally, a solid password policy limits how long a stolen credential stays valid, since it cannot outlive the password’s lifecycle. Simply put, this will minimize a threat actor’s ability to leverage a password harvested in a dark web leak to access an organization’s network.
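The four restrictions listed above can be enforced in a single check at password-change time. The following is an added example, not code from this eBook or from MITRE; the length limits, the sample common-password list, the substitution table and the function names are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

MIN_LEN, MAX_LEN = 12, 64   # assumed limits; the page gives no numbers
COMMON = {"password", "123456", "qwerty", "letmein", "welcome"}  # constructed sample list
# Undo common character substitutions (0->o, @->a, ...) before matching
LEET = str.maketrans("0134578@$!", "oieastbasi")

def _digest(password, salt):
    # Slow salted hash so a stolen history file is not a list of old passwords
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def remember(password):
    """Build the (salt, digest) record kept in a user's password history."""
    salt = os.urandom(16)
    return salt, _digest(password, salt)

def violations(password, context, history):
    """Return the policy rules a candidate password breaks (empty list = accepted)."""
    found = []
    if len(password) < MIN_LEN:
        found.append("too_short")
    if len(password) > MAX_LEN:
        found.append("too_long")
    low = password.lower()
    norm = low.translate(LEET)
    # Common-password rule: exact, de-substituted, or with a trailing digit/! suffix
    if {low, norm, low.rstrip("0123456789!")} & COMMON:
        found.append("common")
    # Contextual rule: user id, app name, etc. must not appear inside the password
    if any(len(c) >= 3 and c.lower() in text for c in context for text in (low, norm)):
        found.append("contextual")
    # Reuse rule: re-hash with each stored salt, compare in constant time
    if any(hmac.compare_digest(_digest(password, s), d) for s, d in history):
        found.append("reused")
    return found

if __name__ == "__main__":
    history = [remember("Tr4ctor-Violet-Ledger")]   # constructed sample values
    for pw in ("solarwinds123", "P@ssw0rd", "Tr4ctor-Violet-Ledger", "copper-Lantern-mosaic-92"):
        print(pw, violations(pw, ["solarwinds", "jdoe"], history))
```

Note that “solarwinds123” passes the length rule and is rejected only by the contextual-string rule, which is why length limits alone are not a sufficient policy.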
Conceal provides results to strengthen your enterprise’s defenses against threat actors and cyber threats and addresses these issues by creating solutions for security, privacy and performance with significant cost reductions. Conceal’s products guard against cyber threats like ransomware and malware; prevent websites from filtering or denying content; and provide a reduced cyber-attack vector.
Conceal’s unique network design detects, defends and isolates threats without compromising your enterprise. Conceal’s solutions lower your cyber attack profile by isolating, obfuscating and dynamically shifting your communications pathways and reducing the possibility of attribution or attack when conducting internet and online activities. By doing so, Conceal is able to limit credential gathering through web-based means.