Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

Use of Stolen Credentials Named Leading Cause of Breaches in 2018 Verizon Data Breach Investigations Report

April 13, 2018

  • Blog
  • Archive

The annual Verizon Data Breach Investigations Report, commonly known as the DBIR, was just released for 2018.  As usual, it’s packed with useful information about data breaches – why they happen, who is perpetrating them, how they are getting in, and what they are trying to accomplish.  

Not surprisingly, the #1 cause of data breaches was “Use of stolen credentials.” Also called “hacking” in the DBIR, threat actors routinely target credentials for theft, often using phishing emails or social engineering as a method of acquiring usernames and passwords.  For hackers, using legitimate credentials is not only an effective way to initiate a breach, but also to go undetected for longer periods of time as they move laterally across a network, escalating privileges, accessing systems, and exfiltrating data. 

Also high on the list of breach actions, at #4, was “Privilege Misuse.”  Privilege misuse occurs when insiders, such as employees or contractors, use their legitimate privileged credentials to access data or systems beyond the scope of their job role, with the purpose of malicious use of organizational resources.  Unintentional misuse, due to employee error, can result in a data breach as well.

The DBIR focuses on how different industries vary in their risks and how they are targeted, but use of stolen credentials and privilege misuse universally impact diverse industries.  Privileged Access Management and Privileged Identity Management solutions such as Bomgar Privileged Access and Lieberman RED Identity Manager are security tools that are extremely effective in addressing these types of breach actions.  Using these solutions, organizations improve their security posture:

  • Discover, store, and rotate privileged credentials on a continuous basis to protect your organization’s network from the threat of stolen credentials – for the widest variety of account types
  • Granularly control the access pathways to your network by limiting what users can do to just their relevant job tasks - for both insiders and 3rd parties.

The DBIR can help you better understand how breaches can impact affected organizations, and Bomgar is ready to help reduce your risk of a breach by managing and controlling accounts and access while keeping your users productive.  

Request Privileged Access Demo
Request Lieberman RED IM Demo

Stacy Blaiss

Director, Product Marketing

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Webcasts | February 09, 2021

Customer Webinar: Remote Support 21.1 Released!

Webcasts | February 24, 2021

Your PAM 2021 Blueprint: Securing Privileged Accounts for On-Premises and Cloud Assets

Whitepapers

Evolving Privileged Identity Management (PIM) In The 'Next Normal'

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.