🎉 Exciting news! Coalition has acquired Wirespeed to accelerate cybersecurity for all.

Read more
Cover for Identity Crisis
Tim MalcomVetter avatar

Tim MalcomVetter

Co-Founder / CEO

Identity Crisis

I have bad news for you:

Identity compromises happen a lot. WAY more often than organizations know. Even a small or mid-market organization can have a dozen in a month, that they have no idea about‼️ (We see this time and time again. We can bet on it.)

But there is maybe a silver lining: the majority of these compromised credentials aren’t resulting in material impact … today. Why? Because they don’t make good Business Email Compromise (BEC) or Ransomware victims:

  • If the user doesn’t have access to accounts receivable & invoicing, the adversary cannot (easily?) abuse that access to trick business partners to re-route payments to an attacker controlled bank account for BEC, which causes 10-50x more financial damages than Ransomware.

  • If the user doesn’t have privileged access, there isn’t an easy path towards king of the hill, necessary for Ransomware. The move towards SaaS, zero trust, lower privileges, and adversary friction from modern EDR all can take a victory lap for this.

#A Good Analogy

Imagine burglars breaking into your unlocked doors and windows, taking a quick look around, and NOT seeing things they can sell on the secondary market (jewelry, electronics, etc.), so they leave. Then the next day, a different burglar does the same thing. And again, and again. That’s what these logins are! They’re actual credential compromises, but companies are just lucky they don’t turn into material impact.

If this was happening in your neighborhood—even if they didn’t steal anything—would you want them in your home?

Definitely not.

#Let’s look at some examples…

Continue with Part 2 of Identity Crisis to see examples of how we have seen this actually happen.

Want to learn more about how Wirespeed can make security painless for you? Contact us to start a FREE TRIAL today.