Within the modern, browser-focused work environment, the business identity serves as the primary shield for corporations. Often termed as “the fresh boundary,” the identity acts as a barrier between secure data management and potential infiltrations. Nonetheless, a recent study exposes how businesses frequently lack insight into the usage of their identities across diverse platforms. This makes them an easy target for data breaches, unauthorized access, and credential theft.
The “Corporate Identity Threat Report 2024” (access here) leverages exclusive data accessible solely through the LayerX Browser Security solution. This information is sourced from LayerX’s distinctive oversight of every user activity on the browser, spanning various sectors. It presents an intricate assessment of emerging hazards and exposes concealed threats. To enroll in a live seminar that delves into the key discoveries of this report, Press here.
Below, we explore some of the report’s critical revelations in greater detail:
1. The Primary Peril Emerges from 2% of Users
Professionals in security investigating security risks may perceive every action within the enterprise as a danger to business operations. This kind of Fear, Uncertainty, and Doubt (FUD) proves to be counterproductive as it fails to aid in prioritizing risk management.
In contrast, this study furnishes information regarding the actual source of the risk. It establishes that merely 2% of users within a company bear responsibility for the bulk of identity-related hazards. These individuals have been linked to multiple public data breaches, frequently possessing feeble or compromised credentials, and circumventing Single Sign-On (SSO) mechanisms by utilizing outdated, easily crackable passwords.
There exists another intriguing aspect that heightens the risk associated with these users. The report not only identifies if a corporate identity has been exposed but also whether a password has been compromised, along with the frequency of such exposure.
On average, individuals whose passwords have been exposed were featured in 9.5 breaches. In comparison, identities exposed without passwords being compromised appeared, on average, in 5.9 datasets. Could this trend indicate that hackers concentrate more efforts on datasets with vulnerable passwords? The data doesn’t confirm this. Nevertheless, it underscores the heightened risk faced by users whose passwords have been exposed since the more datasets these passwords appear in, the wider the potential malicious impact of their credentials. This factor should be factored into your risk mitigation strategy.
2. Oversights in Corporate Credential Oversight
One of the paramount risks outlined in the report pertains to the prevalence of unseen identities. According to LayerX, 67.5% of corporate logins occur sans the protection of SSO. What’s more disturbing is that 42.5% of all logins to Software as a Service (SaaS) applications within organizational networks are conducted via personal accounts, completely evading corporate security team oversight.
These blind areas grant users the ability to bypass corporate identity safeguards. Security teams are devoid of visibility into the locations where corporate access is being exercised, hampering their capacity to detect and counter identity-related hazards.
3. Corporate Passwords as Prone as Personal Ones
Although corporate security protocols are perceived to be sturdier than personal security measures, this notion may not hold accurate when it concerns passwords.
Despite enforcements of password management and governance guidelines, the report discloses that 54% of corporate passwords are classified as medium-strength or weaker. In comparison, the percentage for personal passwords stands at 58%. These passwords, while conforming to basic security standards, can often be cracked in less than 30 minutes with contemporary tools.
4. Browser Extensions: A Neglected yet Expanding Threat
LayerX offers a unique view into one of the most prevalent yet unseen productivity aids: browser extensions. As per LayerX’s discoveries, 66.6% of installed browser extensions possess permissions with high or critical risks, with over 40% of users owning such high-risk extensions. These permissions frequently grant extensions access to sensitive data like user cookies and session tokens, which can be exploited to pilfer corporate credentials or hijack sessions.
5. Intruders Outmaneuvering Outdated Security Tools with Advanced Techniques
Lastly, the report unveils how malefactors are capitalizing on weaknesses in conventional security solutions such as Secure Web Gateways (SWGs). Consequently, these mechanisms have become less effective in thwarting breaches related to browsers. Some of the noteworthy discoveries in this domain are:
- 49.6% of successfully malicious web pages that evade preventive measures are hosted on reputable public hosting services, leveraging trust in well-known domains to evade detection.
- 70% of such malevolent pages utilize phishing kits bearing low or moderate resemblance to recognized phishing templates, allowing them to evade conventional phishing-detection measures.
- 82% of these pages manifest a high risk in terms of reputation, with 52% exhibiting low risk at the “top-level domain” level, indicating that malefactors are manipulating standard reputation-based defenses by exploiting public infrastructures to disseminate malicious content.
The takeaways from the “Corporate Identity Threat Report 2024” emphasize the critical necessity for enterprises to reassess their identity security strategies. Traditional methodologies that rely on network-level protection, password regulation, and trust in existing tools are no longer adequate to safeguard today’s browser-centric, remote-access environments. At the very least, security teams must be conscious of the areas they fail to encompass.
To join the live webinar unveiling the main insights from the report, To register to a live webinar to cover the key findings in this report, Click here.
About Author
