As a security practitioner, protecting your organization's data is your top priority. With the explosion of mobile and hybrid workforces, SaaS adoption, and application modernization, new attack methodologies are arising while existing ones resurface. This presentation examines the anatomy of identity-based attacks and how to mitigate them using modern identity and access management solutions.
Size: 5.84 MB
Language: en
Added: Mar 02, 2025
Slides: 10 pages
Slide Content

Anatomy of Identity-Based Attacks
by Francesco Faenzi

The Rise of Identity-Based Attacks
1. Growing Threat: Over 40% of all breaches involved stolen credentials and 80% of web application breaches involved credential abuse in 2021.
2. Expanding Attack Surface: The attack surface continues to expand beyond traditional enterprise and digital consumer identities to third-party supplier risk.
3. Ransomware Link: Even ransomware attacks, now comprising 25% of all breaches, often involve compromised identities to gain initial access.

Password Spray Attacks
How It Works: Attackers attempt to use a few commonly known passwords across multiple accounts, staying under account locking thresholds. They may research company password policies to craft guesses.
Mitigation Strategies: Set lockout policies, implement CAPTCHAs, enforce strong password requirements, enable threat intelligence, and implement alerting for failed attempts across accounts.
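
The "alerting for failed attempts across accounts" mitigation, as an added detection example that is not part of the original slides: it groups failures by source rather than by account, which is what per-account lockout counters miss. The log format, thresholds, and function names are assumptions made for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample log (timestamp, source IP, account, result); not real data.
SAMPLE_LOG = """\
2025-03-02T09:00:05 203.0.113.9 alice FAIL
2025-03-02T09:00:40 203.0.113.9 bob FAIL
2025-03-02T09:01:10 198.51.100.20 carol FAIL
2025-03-02T09:01:15 203.0.113.9 carol FAIL
2025-03-02T09:01:30 198.51.100.20 carol FAIL
2025-03-02T09:01:50 203.0.113.9 dave FAIL
2025-03-02T09:02:20 203.0.113.9 erin FAIL
2025-03-02T09:02:30 198.51.100.20 carol OK
2025-03-02T09:02:55 203.0.113.9 frank OK
2025-03-02T09:20:00 203.0.113.9 alice FAIL
"""

def parse(log):
    """Yield (timestamp, source, account, result) from whitespace-separated lines."""
    for line in log.splitlines():
        ts, src, user, result = line.split()
        yield datetime.fromisoformat(ts), src, user, result

def detect_spray(events, window=timedelta(minutes=10), min_accounts=5, lockout=5):
    """Flag sources whose failures span >= min_accounts accounts within `window`."""
    fails, successes = defaultdict(list), defaultdict(set)
    for ts, src, user, result in events:
        if result == "FAIL":
            fails[src].append((ts, user))
        else:
            successes[src].add(user)
    alerts = {}
    for src, items in fails.items():
        items.sort()
        start = 0
        for end, (ts, _) in enumerate(items):
            while ts - items[start][0] > window:  # slide the window forward
                start += 1
            per_account = Counter(u for _, u in items[start:end + 1])
            if len(per_account) >= min_accounts:
                alerts[src] = {
                    "accounts": sorted(per_account),
                    "under_lockout": max(per_account.values()) < lockout,
                    "logins_to_review": sorted(successes[src]),
                }
                break
    return alerts

print(detect_spray(parse(SAMPLE_LOG)))
```

The `under_lockout` flag records that no single account reached the assumed lockout threshold, and `logins_to_review` lists accounts that logged in successfully from the flagged source and should be checked for compromise.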

Credential Stuffing Attacks
Credential Harvesting: Attackers obtain credentials from data breaches or underground markets.
Automated Testing: Credentials are tested across many sites using automated tools.
Account Takeover: Successful logins allow attackers to access sensitive data.

Machine-In-The-Middle (MITM) Attacks
1. Intercept Traffic: Attacker positions themselves between user and resource.
2. Broker Communication: Traffic flows through attacker's system.
3. Capture Credentials: Attacker logs sensitive data like passwords.
MITM attacks exploit the trust between users and services. Mitigation strategies include using TLS encryption, trusted networks, and phishing-resistant multi-factor authentication.

Phishing Attacks
Spear Phishing: Targeted attacks on specific individuals.
Whaling: Attacks targeting high-ranking personnel.
Vishing: Voice phishing to obtain sensitive information over the phone.
Phishing aims to obtain credentials by luring users to malicious sites or coercing them to provide information. Mitigation includes user training, behavior detection, and integrating email security solutions.

Machine-to-Machine Communication Risks
1. Secure API Endpoints: Protect machine-to-machine communication.
2. Credential Protection: Avoid hardcoding or insecure storage.
3. Access Management: Implement proper authentication and authorization.
Service account security is often overlooked but critical. By 2024, organizations are expected to manage half a million machine identities on average. Proper security measures are vital to prevent unauthorized access.

Third-Party Account Risks
1. Federation Setup: Establish trust between identity providers.
2. Partner Authentication: Users authenticate to their own IDP.
3. Access Resource: Valid assertion allows access to federated resource.
4. Potential Compromise: Breach of partner IDP could allow unauthorized access.
Mitigate risks by enforcing security controls on your IDP, implementing step-up authentication, and configuring risk-based policies with phishing-resistant factors for high-risk logins.

Underground Credential Markets
Dark Web Marketplaces: Stolen credentials and access tokens sold openly.
Malware and Rootkits: Used to harvest credentials from compromised systems.
Defense Strategies: Implement strong MFA, limit token scope, and use short-lived access tokens.

Protecting Against Identity-Based Attacks
User Education: Train users on security best practices and phishing awareness.
Log Correlation: Implement robust logging and alerting for suspicious activity.
Adaptive MFA: Use context-aware, risk-based authentication policies.
Threat Intelligence: Leverage global threat data to proactively block malicious activity.
A comprehensive security strategy combines user education, robust processes, and advanced technology to mitigate identity-based attacks and protect your organization's critical assets.