Cyberthreats rising, businesses still lack protection
What would you imagine your username and password are worth to a hacker? According to Microsoft’s latest threat and data research, the average price for 1,000 stolen username password pairs is around Sh100. What’s more, securing 400 million username and password combinations in bulk will earn a cybercriminal around Sh15,000.
There can be little doubt, cybercriminals have our passwords in their sights. This is particularly the case in Africa where businesses are often more prone to cyberattacks than anywhere else in the world. According to a recent report, Kenya ranked second in Africa, experiencing 28.3 million cyberattacks. South Africa led with 32 million attacks.
With weak passwords, password spraying and phishing, the entry point for most attacks, identity is the new battle ground of cyberthreats. And for organisations looking to protect themselves, preventing an identity from being misused or stolen, is now the highest priority. As part of the first edition of, Cyber Signals, Microsoft’s new quarterly cyberthreat intelligence brief, we take a closer look at the dangers of the rising mismatch in scale of identity-focused attacks in relation to levels of organisational preparedness.
The brief aims to be a valuable resource to Chief Information Security Officers in Kenya as they navigate the constantly changing threat landscape. It aggregates insights we see from research and security teams on the frontlines, including analysis from our 24 trillion security signals combined with intelligence we track by monitoring more than 40 nation-state groups and 140 threat groups.
Newly released research shows though threats have been rising fast over the past two years, there has been low adoption of strong identity authentication, such as multifactor authentication and passwordless solutions.
However, the consequences of a data breach are now front of mind for businesses. According to Liquid Intelligent Technologies, Kenyan businesses have found almost 71 per cent of their cyberattacks were data breaches. As a result, 90 per cent of IT decision-makers have accelerated cybersecurity posture in response to the changing threat landscape.
Organisations in the Middle East and Africa are paying closer attention to digital identities. As it stands, confirming user identities with an additional layer of security is a key priority over the next six to 18 months for 60 per cent of businesses in MEA. Recognising the danger that comes with remote work and increased digitisation, another 75 per cent of firms in MEA are investing in identity and access management.
The right multifactor authentication (MFA) and passwordless solutions can go a long way in preventing a variety of threats. In fact, according to Cyber Signals, basic security hygiene still protects against 98 per cent of attacks.
There are four key recommendations for groups looking to rise level of security. The first is to implement zero trust to reduce risk through practices like MFA and passwordless upgrades as part of a security baseline. They can begin with privileged accounts to gain protection quickly, then expand from there.
The second is to prevent passwords falling into the wrong hands by enabling MFA. You can take this a step further by eliminating passwords altogether and eliminating administrative privileges through passwordless MFA.
Though passwords are a prime target for attacks, they’ve long been the most important layer of security for everything in our digital lives. People are expected to create complex and unique passwords, remember them, and change them frequently, but this is highly inconvenient, and nobody likes doing that. Hence, a passwordless future is safer.
The third recommendation is to review account privileges regularly. Privileged-access accounts, if hijacked, become a powerful weapon attackers can use to gain greater access to networks and resources. Your security teams should be auditing access privileges frequently, using the principle of least-privilege granted to enable employees to get jobs done.
The fourth fundamental aspect of your security hygiene should be to thoroughly review all tenant administrator users or accounts tied to delegated administrative privileges. This will help organisations verify the authenticity of users and activities. Your security team should then disable or remove any unused delegated administrative privileges.
It is important to appreciate that attackers are constantly raising the bar. But leading with identity-focused solutions, including enforcing MFA, adopting passwordless solutions, and creating conditional access policies for all users dramatically improves protection for your devices and data. If identity is the new battle ground, then zero trust is the must-have weapon for fighting back.
— The writer is Modern Workplace and Security Business Group Lead for Microsoft Middle East and Africa Emerging Markets
