Cyber criminals are always on the lookout for stolen credentials and access to sensitive information within a business. A lot of people assume that an attacker will immediately act on stolen credentials and give away that they have gained access to your environment, but this will not always be the case. After stealing company credentials, hackers can do a number of things including:
- Selling the stolen credentials
- Performing an attack directly on the company
- Attacking the individual they stole the credentials from
Cybercriminals Sell Stolen Passwords
Given all the ways malicious actors can steal credentials, they will often gain access to a large number of accounts from a variety of different entities. This means they will not always launch cyberattacks immediately but may instead choose to sell those stolen credentials on the dark web. This can make a bad situation worse for a company because its credentials can be sold to multiple bad actors for as little as $1. If credentials are still valid after being sold, then a company could face attacks from several different hackers in a short span of time.
Hackers Directly Attack Businesses with Stolen Credentials
Whether a business's stolen credentials are sold on the dark web or used by the thief themselves, an attack can come in a variety of forms, and its form depends on the privileges of the stolen account. Any account can be used to mass email its contact list with malicious content. Employees are a lot more likely to trust an email from a colleague, which means more credentials within a company can be stolen. If an account has sufficient privileges, then an attacker can upload malicious content to public-facing elements of a business or exfiltrate important client information in a data breach.
Attacking the Account Owner and Others
Usernames and passwords stolen from a company account do not only put the company at risk. If an employee has poor password hygiene and uses the same password for accounts outside of work, then a malicious actor can gain access to important personal accounts, such as a bank account or another email address. This can lead to identity theft and more malicious emails being sent to that person's contact list, which spreads the risk of attack to their friends and family because the attacker leverages the trust others have in that individual's account.
In the end, malicious actors have become crafty with not only the way they steal credentials but also how they take advantage of compromised passwords. One employee’s account may put not only the business at risk but also that person’s coworkers, friends, and family. It is for this reason that we at Robinett Consulting take your password security extremely seriously. We want to help you and your employees develop proper password hygiene and have the tools available to lower the risk of password theft, make it more difficult for hackers to access compromised accounts, and monitor the dark web for your business, so you have a better chance of not becoming a statistic.