- Cybercriminals are increasingly targeting
- The threat of identity -based attacks increases
- Costs add up and businesses are slow to respond
Companies are faced with an increase in identity -based attacks, and rowdy applications are the main culprits, the search for the Huntress 2025 “ ITDR managed: identity is the new security perimeter ”.
Based on a survey of more than 600 IT and security professionals, the new Huntress report indicates that two thirds (67%) of organizations have declared an increase in identity -based incidents in the past three years.
In addition, these attacks represented more than 40% of security incidents for more than a third (35%) of organizations in the past 12 months only.
Second increase
Huntress also claims that “thugs” candidates “are the number one concern here. Almost half (45%) or respondents said they had encountered rogue and / or malicious applications in the past, while 46% described them as a “maximum identity concern”.
To worsen things, detection and response times do not follow each other. More than half (53%) said they needed “hours” to detect such an incident, and two thirds (68%) added that they were “unable” to detect or respond to the threat until the actors already establish persistence.
Huntress also warned that the financial impact of these attacks is “significant”. In addition to arrest times and reputation damage, the researchers found a third (32%) of companies losing at least $ 100,000 accordingly.
“It is undeniable that identity is the new ending point. With a generalized adoption of the cloud, the transition to hybrid work and increased dependence on SaaS applications, the identity attack surface has exploded in recent years,” said Prakash Ramamurthy, product manager at Hunress.
“Pirates no longer waste time penetrating into the hardwood networks. They connect to the use of stolen identification information, session cookies and access tokens to bypass the protection of termination points and exploit low-factor authentication.
However, everything is not lost, because there are several methods, including access to the zero-frust network (ZTNA), which help to mitigate this threat.
