More than half of security breaches based on stolen credentials

More than first half of all breaches in 2022 have involved stolen credentials.

Security outfit Acronis said that cybercriminals targeted MSPs and their network of SMB customers.

More than 600 malicious email campaigns were carried out across the world wide wibble in the first half of the year, with 58 percent of them phishing attempts.

Another 28 percent of those emails featured malware.

The Acronis report said: “The business world is increasingly distributed, and in 2022, an average of 8.3 percent of endpoints tried to access malicious URLs. To extract credentials and other sensitive information, cybercriminals use phishing and malicious emails as their preferred infection vectors.”

The research reveals how cybercriminals also use malware and target unpatched software vulnerabilities to extract data and hold organisations hostage.

Outfits like Microsoft, Google, and Adobe have emphasised software patches and transparency around publicly submitted vulnerabilities.

Acronis believes these patches likely helped stem the tide of 79 new exploits each month.

“Successful breaches using these various routes have resulted in the loss of billions of dollars and terabytes of exposed data”, Acronis said.

I