Padlocked

Protecting you from cybercrime, one step at a time.

Below this is were the further explanation of this website resides! If you want to know more about the website, or need access to the pages, please select the link to the page below!

    Common Cyberattacks: Identity-Based

    What are Identity-Based Attacks?
    Identity-based attacks prioritise user credentials, including the likes of usernames, passwords and authentication methods. They primarily use the likes of phishing, credential stuffing, bypassing MFAs and session hijacks to impersonate and move within a network. These attacks are also insanely challenging to detect, as the hacker will attempt to mimic the user.


    The Types of Identity-Based Attacks
    There are several types of identity-based attacks, examples being both silver ticket and gold ticket attacks, the former steals passwords and creates an encrypted pathway into a system, and the latter gains a nearly unlimited access to domains by using stored data within active directories.

    Identifying and Mitigating Identity-Based Attacks
    To help protect against identity-based attacks, the likes of 2FA via passwords and biometrics, MFA like security keys to prevent theft, and avoiding reliance on SMS-based MFA. Passkey authentication, hardware security keys and monitoring login patterns can also assist with identifying this cyberattack.