2021-10-28

Online attacks are on the rise, but anyone who assumes they succeed only through software flaws or other network vulnerabilities is mistaken. According to Microsoft, attackers are getting into systems using access credentials stolen from their targets.

Earlier this week, Microsoft warned that the cyber criminal group Nobelium, responsible for the cyber hijacking (ransomware) of SolarWinds, was using credential theft tactics against its new targets. Now, this Tuesday (26), the company warns that these attacks are being used by more actors beyond Nobelium, with the Microsoft Threat Detection and Response (DART) estimating that intrusions via stolen credentials accounted for at least a third of the user accounts affected by cybercrime in 2021.

According to DART, criminals do this in two different ways. The first is "low and slow": the attacker tries a single password from numerous IP addresses, hitting multiple accounts at the same time with a set of pre-defined credentials. According to the developer of Windows, this attack is effective in only 1% of attempts.

The second method is called "availability and reuse", and relies on leaked credentials made available on the internet, either publicly or through purchases on the dark web. This approach is more effective and lets criminals carry out attacks faster.
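As an added illustration of the "low and slow" pattern described above (example code, not from the Microsoft or ZDNET source), the detector below scans a constructed sign-in log and flags time windows in which failures are spread across many accounts and source IPs while each account stays below the lockout threshold. The log format, field names and thresholds are assumptions chosen for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
# Constructed sample sign-in log (not real data): one shared password tried once
# against many accounts from many source IPs, plus one user's own retries later.
SAMPLE_LOG = """
2021-10-26T08:00:05Z FAIL user=alice src=203.0.113.10
2021-10-26T08:00:41Z FAIL user=bob src=203.0.113.22
2021-10-26T08:01:17Z FAIL user=carol src=198.51.100.7
2021-10-26T08:01:52Z FAIL user=dave src=203.0.113.31
2021-10-26T08:02:30Z FAIL user=erin src=198.51.100.15
2021-10-26T08:03:09Z FAIL user=frank src=192.0.2.44
2021-10-26T08:03:45Z FAIL user=grace src=192.0.2.9
2021-10-26T08:04:20Z FAIL user=heidi src=203.0.113.77
2021-10-26T08:04:58Z OK   user=ivan src=192.0.2.60
2021-10-26T14:30:00Z FAIL user=alice src=10.0.0.12
2021-10-26T14:30:20Z FAIL user=alice src=10.0.0.12
"""
LINE_RE = re.compile(r"^(\S+) (FAIL|OK)\s+user=(\S+) src=(\S+)$")
EPOCH = datetime(1970, 1, 1)  # fixed reference so window bucketing ignores local TZ

def parse_events(text):
    """Return (timestamp, outcome, user, src_ip) tuples; malformed lines are skipped."""
    events = []
    for line in text.strip().splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
            events.append((ts, m.group(2), m.group(3), m.group(4)))
    return events

def detect_spray(events, window=timedelta(minutes=10), min_users=6, min_ips=4, lockout=5):
    """Flag fixed windows where failures hit many accounts from many IPs while every
    account stays under the lockout threshold. One account failing repeatedly is not flagged."""
    buckets = defaultdict(list)
    for ts, outcome, user, src in events:
        if outcome == "FAIL":
            offset = (ts - EPOCH).total_seconds() % window.total_seconds()
            buckets[ts - timedelta(seconds=offset)].append((user, src))
    alerts = []
    for start, fails in sorted(buckets.items()):
        per_user = defaultdict(int)
        for user, _ in fails:
            per_user[user] += 1
        ips = {src for _, src in fails}
        if len(per_user) >= min_users and len(ips) >= min_ips and max(per_user.values()) < lockout:
            alerts.append({"window_start": start.isoformat(), "accounts": len(per_user),
                           "source_ips": len(ips), "max_failures_per_account": max(per_user.values())})
    return alerts
```

Run `detect_spray(parse_events(SAMPLE_LOG))`: the 08:00 window is reported (eight accounts, eight IPs, one failure each), while alice's two retries at 14:30 are not.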

In addition to the two methods above, Microsoft also warns about the use of outdated software, which often does not support multi-factor authentication and may carry critical vulnerabilities that allow intrusions. The company recommends keeping devices and protocols constantly updated to avoid these kinds of problems.

How to protect yourself

Even though everything said above seems to suggest that passwords are dangerous, the truth is that, when backed by good security policies and combined with multi-factor authentication, they can go a long way toward protecting business systems and their users.

To that end, DART recommends the following steps to get more protection out of passwords:

Multi-factor authentication: although already well known, this defense is very important and must be enabled on every system that supports it;

Rethink password policies: migrating from passwords to physical authentication keys or cross-platform login can be a way to improve protection, since, according to Microsoft's research, an eight-character password mixing upper-case letters, lower-case letters and numbers is no longer all that secure. Where passwords remain, opting for long, random sequences can increase protection;

Beware of administrative accounts: accounts with administrative privileges can do everything on a system, so protecting them is of the utmost importance. Always keep them behind multi-factor authentication and unavailable from outside the corporate environment;

Security policy audit: checking that the company's protection policies have no gaps is a critical step, since a simple flaw can turn into a huge headache. Conduct ongoing audits to confirm that the guidelines are effective.

Source: ZDNET, Microsoft