Read more
While the tactics for gaining access vary, phishing emails remain the number one method for hackers.
Picture: iStock
As businesses rapidly adopt digital tools, remote work, and cloud services, cybercriminals are increasingly targeting employees. They view employee login details as valuable, so protecting them is crucial to maintaining the security of company systems.
Using the same login details across different tools makes things easier and more efficient for employees. However, it also creates a significant risk — if those credentials are stolen or used on a hacked system, the entire company could be at risk.
William Petherbridge, manager of systems engineering at Fortinet explains how phishing remains the number one method hackers use to steal credentials and offers practical advice for organisations to combat this.
He said that for cybercriminals, the motivation behind stealing an employee’s credentials is to infiltrate the corporate network. Targets can range from C-suite executives to junior staff who may not realise their identities have been compromised.
Once inside the network, criminal activities range from stealing sensitive company data for industrial espionage to locking down systems for ransom.
While the tactics for gaining access vary, phishing emails remain a popular choice for hackers, the number one method is still email.
“Phishing attacks are still effective in tricking employees into logging into fake accounts to steal their credentials. When an email appears to come from a senior individual within an organisation with specific instructions, employees tend to act quickly. That’s why awareness is critical.”
ALSO READ: Cybersecurity breach costs Astral R20 million in profit
Petherbridge added that although most large corporate entities have security operations centres or outsource them, the challenge is the sheer volume of alerts received.
“Security teams receive thousands of alerts, making it impossible to review manually and take action on all of them. That’s where automation and detection response systems come into play. Having tools that can automate and make sense of that data is essential.”
Identity threat detection and response (ITDR) is both a reactive tool and a proactive defence mechanism allowing businesses to monitor user behaviours and prevent breaches before they can fully unfold.
He advises that companies start combating identity theft with a multi-layered approach.
“On the preventative side, strong passwords are a basic requirement, together with multi-factor authentication. Beyond that, privileged access management (PAM) and identity and access management (IAM) systems help define the role of each user and what they’re allowed to access.
“On the detection end of the equation, enterprise-level organisations need the ability to analyse identity behaviour, including anomalies in login patterns or unusual activity and immediately respond if something suspicious is taking place.”
NOW READ: WhatsApp account hacked? This is what you need and must do
Download our app