Acronis, a global leader in cyber protection, today issued a warning that, based on their research of recent cyberattack trends and existing business practices, organizations around the world currently face a global threat to data privacy and security. The company announced its findings on international Data Privacy Day to alert organizations that immediate action is needed to avoid costly attacks.
The latest research by the cybersecurity experts at the global network of Acronis Cyber Protection Operations Centers (CPOCs) revealed that 80% of companies do not have an established password policy. Between 15-20% of the passwords used in a business environment include the name of the company, making them easier to compromise. Two recent high-profile breaches illustrate this problem: Before its Orion compromise, SolarWinds was warned that one of its update servers had a publicly known password of “solarwinds123”, while former President Donald Trump’s Twitter account was hacked because the password was allegedly “maga2020!”.
Of the organizations that do have a password policy in place, the researchers found many rely on default passwords and up to 50% of those are categorized as weak.
Attackers know these weak password practices are widespread and, with so many employees working from home as a result of the COVID-19 pandemic, cybercriminals have targeted the less secure systems of these remote workers. Acronis analysts observed a dramatic increase in the number of brute force attacks during 2020 and found that password stuffing was the second most used cyberattack last year, just behind phishing.
“The sudden rush to remote work during the pandemic accelerated the adoption of cloud-based solutions,” explains Candid Wüest, VP of Cyber Protection Research at Acronis. “In making that transition, however, many companies didn’t keep their cybersecurity and data protection requirements properly in focus. Now, those ..
Support the originator by clicking the read the rest link below.
