Passwords are a common target for hackers, but many of us still aren’t doing the cybersecurity basics to help protect our accounts. Here’s what to do.
Cyber crooks aremore determined than ever, with the number of cyberattacks on the rise.
Hackers are making almost 1,000 attempts, every second to hack account passwords in order to gain malicious access.
Take Control Of Your IT Before Something Bad Happens.
The figures come from Microsoft’s Digital Defense Report 2022 and are based on analysis of trillions of alerts and signals collected from the company’s worldwide ecosystem of products and services.
It warns that cyberattacks are on the rise, with account passwords still very much the main target of hackers.
Particularly, as many accounts are vulnerable because they lack any additional layers of protection beyond the password itself to help keep them secure.
According to Microsoft, the volume of password-based attacks has risen to an estimated 921 attacks every second, a 74% increase in just one year for what’s the primary method which accounts are compromised.
Attacks against passwords include:
- Brute force attacks attempting to crack simple or common passwords
- Attackers attempting to use leaked usernames and passwords to access other accounts owned by the victim
- Phishing attacks designed to dupe victims into handing over their login credentials.
The report suggests that 90% of accounts that get hacked aren’t protected by ‘strong authentication.’
Meaning that the vast majority of accounts that get breached only have one layer of protection as opposed to having an additional layer of multi-factor authentication (MFA) for added verification.
However according to figures from Microsoft, the number of accounts protected by MFA remains low, even for administrator accounts, with under one in three protected with an additional layer of authentication.
Thankfully, the number of accounts protected in this way is slowly rising.
Nonetheless, many remain vulnerable to attackers who can exploit compromised accounts.
Cyber criminals conduct harmful activity including:
- Stealing sensitive data
- Conducting business email compromise attacks
- Deploying malware
- Launching ransomware attacks
- and much more.
Protecting accounts with MFA, so if a password is hacked, the attacker will struggle to access the account without the user being made aware that something is wrong – although even MFA isn’t infallible.
Many cyberattacks are successful simply because the cybersecurity basics have not been followed.
Apply the minimum standards to help protect accounts as even basic security hygiene still protects against 98% of attacks.
It’s also recommended that zero-trust cybersecurity principals are applied across networks and devices, so it’s difficult for an attacker to gain full access to systems with a single login using a compromised account.
Software, applications and operating systems should also be kept up to date with the latest security patches in order to prevent cyber attackers from exploiting known vulnerabilities to access and hide malicious activity on networks.
In the event of suspecting that your password has been hacked, you should change it immediately, and consider using a password manager.
It will help ensure each of your accounts is secured with a password that’s both strong and unique to help protect your data from hackers.