He emphasized that the most common method used by attackers to gain access to such systems is through identity-based attacks, targeting vulnerable identity management systems like Active Directory.
“One common thread across all these campaigns is the use of identity for initial access, propagation, privilege escalation and persistence,” Deuby added. “Organizations should prioritize protecting these mission-critical systems that are always targeted by threat actors, whether they’re nation-state actors or cybercriminals.”
‘American Water’ Hit by Cyber-Attack, Billing Systems Disrupted
