Cybercriminals are exploiting identity weaknesses more than ever, with identity-based attacks accounting for nearly two-thirds of network breaches in 2024, according to Palo Alto Networks' Unit 42 annual report.
Social engineering led the charge, responsible for one-third of the 750 incidents Unit 42 investigated. Attackers also used compromised credentials, brute-force attacks, and overly permissive access policies to break into systems.
The problem extends beyond initial access—identity issues played a role in nearly 90% of all incidents. Once attackers gain legitimate credentials, they're nearly invisible to security systems since their activity appears authorized.
Ransomware payments jumped 87% to a median of $500,000, while attackers moved faster than ever, stealing data within two days in most cases.
Source: CyberScoop