Skip to main content

Cybercriminals are more concerned about gaining 'high-value access' than ever

password
(Image credit: Image source: Shutterstock/Ai825)

Almost all cybersecurity executives will tell you that attackers are increasingly intent on stealing login credentials from their company.

This is according to a new report from identity security firm CyberArk, which says that the trend of moving assets to the cloud has triggered a race among criminals to steal as many credentials as possible.

Based on a poll of 100 security executives from large enterprises, the report claims there is a “growing sense of urgency” among hackers for securing privileged access.

Spear-phishing is still one of the most popular methods of obtaining login credentials, CyberArk says, with 48 percent of respondents observing increasing attacks on senior leadership, third-party vendors, DevOps teams and cloud engineers.

Still, the end-user remains the most widely attacked group, with more than half (56 percent) of attacks aimed their way.

ITProPortal needs ...

We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.

>> Click here to start the survey in a new window (opens in new tab)<<

To tackle the problem, CyberArk claims most security leaders are opting for the zero trust model, which is seen as important for controlling identity and access management. Also, as criminals move against non-IT employees, endpoint security remains an operational challenge, it was said.

“The SolarWinds series of attacks underscore the need for a zero trust (opens in new tab)-based approach to identity security, especially as digital transformation drives the exponential growth of identities and privileges across the enterprise. To break the attack chain, privileged credentials must be managed and secured,” said Rich Turner, SVP EMEA at CyberArk.

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.