43% of firms were vulnerable to data breaches in 2023 - Report
FORTY-THREE percent of organisations lacked multifactor authentication (MFA) in 2023, leaving them vulnerable to credential breaches.
Sophos, a cybersecurity company, revealed this in its latest report, ‘It’s Oh So Quiet (?): The Sophos Active Adversary Report for 1H 2024.’ It stated that remote desktop protocol (RDP) was the method cybercriminals used most to establish remote access on Windows systems, appearing in 90 percent of attacks in 2023.
Sophos noted that 2023 saw the highest incidence of RDP abuse since it began releasing Active Adversary reports in 2021.
“Attackers understand the risks these services pose and actively seek to exploit them,” John Shier, Sophos’ chief technology officer, said. “Exposing services without proper security measures inevitably leads to compromise.”
The report analysed incidents across 26 sectors and 23 countries. Compromised credentials remained the leading root cause of attacks (over 50 percent in 2023), surpassing software vulnerabilities for the second year.
Despite the growth in attacks, 43 percent of organisations lacked multifactor authentication (MFA) in 2023, leaving them vulnerable to credential breaches. Sophos hinted that attackers are actively targeting these vulnerabilities, and even a single exposed RDP port can be a gateway to compromising an entire network.
The firm said, “The rise of compromised credentials as the top attack cause suggests a need for stronger password management practices and potentially a shift in attacker tactics. Organisations should consider implementing stricter password policies and user education programs to combat credential theft.
“The lack of widespread MFA adoption is concerning. MFA adds an extra layer of security by requiring a second verification factor beyond just a username and password. Implementing MFA significantly reduces the risk of unauthorised access, even if an attacker obtains valid credentials.”