
COMPROMISED CREDENTIALS: A MAJOR THREAT TO SMALL & MEDIUM BUSINESSES




In today's digital landscape, compromised credentials are a leading cause of data breaches, particularly affecting small to medium businesses (SMBs). These businesses often lack the robust security infrastructure of larger enterprises, making them attractive targets for cybercriminals. Implementing a robust Security Awareness Training (SAT) program can significantly mitigate this risk by educating employees on recognizing and responding to potential threats.

US National Statistics on Compromised Credentials Breaches

Recent statistics highlight the severity of the issue for SMBs:

  • 48% of SMBs have experienced cybersecurity incidents in the past year [1].
  • 26% of SMBs in the U.S. have experienced more than one type of cyber breach [1].
  • Cyberattacks using stolen or compromised credentials increased by 71% year-over-year [2].
  • 74% of all breaches include the human element, such as social engineering or phishing [2].
  • 87% of small businesses have customer data that could be compromised in an attack, including sensitive data like credit card info, social security numbers, and bank account info [3].

These statistics underscore the vulnerability of SMBs to cyber threats and the critical need for effective cybersecurity measures.

Real World Case Scenarios

Case 1: Credential Theft via VPN Exploitation
A significant threat to SMBs is the exploitation of VPN-related vulnerabilities. For example, vulnerabilities like CVE-2018-13379 and CVE-2022-40684 have been widely used by attackers to steal credentials and gain administrative control over critical systems. Despite being disclosed years ago, these vulnerabilities remain popular due to the failure to patch systems promptly. Attackers use stolen credentials to infiltrate networks, move laterally, and exfiltrate data undetected [4].

Case 2: Social Engineering and Remote Access Tools
In another sophisticated attack, cybercriminals combined vishing (voice phishing), remote access tools, and living-off-the-land techniques to infiltrate a victim's system. The attackers used social engineering tactics to manipulate the victim into executing a malicious PowerShell payload delivered via a Microsoft Teams message. Once inside, they escalated their access using legitimate remote support tools and exploited compromised credentials to move undetected across the network [5].

Case 3: Credential Stuffing
Credential stuffing is another common attack where cybercriminals use stolen credentials from one organization to access user accounts at another organization. This type of attack is becoming increasingly common due to the ease of execution and the availability of stolen credentials on dark web marketplaces. For instance, attackers can use automated networks of bots to attempt logins to services like Microsoft 365, Google, or AWS using valid usernames and passwords.
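
Credential stuffing as described in Case 3 leaves a recognizable pattern in sign-in logs: one source trying many different accounts in a short time, with most attempts failing. The Python detection below is an added example, not part of the original article; the log format, thresholds, addresses and account names are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sign-in events: timestamp, source IP, username, result.
# IPs come from documentation ranges; none of this is real data.
SAMPLE_LOG = """\
2025-01-10T09:00:01Z 198.51.100.7 alice@example.com FAIL
2025-01-10T09:00:03Z 198.51.100.7 bob@example.com FAIL
2025-01-10T09:00:04Z 198.51.100.7 carol@example.com FAIL
2025-01-10T09:00:06Z 198.51.100.7 dave@example.com FAIL
2025-01-10T09:00:09Z 198.51.100.7 erin@example.com FAIL
2025-01-10T09:00:11Z 198.51.100.7 frank@example.com OK
2025-01-10T09:00:12Z 198.51.100.7 grace@example.com FAIL
2025-01-10T09:01:00Z 203.0.113.20 heidi@example.com FAIL
2025-01-10T09:01:20Z 203.0.113.20 heidi@example.com FAIL
2025-01-10T09:01:45Z 203.0.113.20 heidi@example.com OK
2025-01-10T09:02:00Z 192.0.2.10 alice@example.com OK
2025-01-10T09:02:05Z 192.0.2.10 bob@example.com OK
2025-01-10T09:02:09Z 192.0.2.10 carol@example.com FAIL
2025-01-10T09:02:30Z 192.0.2.10 dave@example.com OK
2025-01-10T09:03:00Z 192.0.2.10 erin@example.com OK
"""

def parse(log):
    for line in log.splitlines():
        ts, ip, user, result = line.split()
        yield datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), ip, user, result == "OK"

def find_stuffing(log, window=timedelta(minutes=5), min_users=5, min_fail_ratio=0.8):
    """Flag IPs that try many distinct accounts, mostly failing, inside one window."""
    by_ip = defaultdict(list)
    for event in parse(log):
        by_ip[event[1]].append(event)
    alerts = []
    for ip, events in by_ip.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # slide the window forward
            chunk = events[start:end + 1]
            users = {user for _, _, user, _ in chunk}
            fails = sum(not ok for *_, ok in chunk)
            if len(users) >= min_users and fails / len(chunk) >= min_fail_ratio:
                # Any success from a flagged source means a reused password worked.
                hits = sorted({u for _, _, u, ok in events if ok})
                alerts.append({"ip": ip, "accounts_tried": len(users), "reset": hits})
                break
    return alerts
```

On the sample data only 198.51.100.7 is flagged; the user who mistyped a password twice and the shared office address with mostly successful sign-ins are not. The `reset` list names the accounts that source signed in to successfully, which are the ones to lock and reset first.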

The Role of Security Awareness Training

A robust Security Awareness Training (SAT) program is essential in mitigating the risk of compromised credentials. SAT programs educate employees on recognizing phishing attempts, the importance of strong passwords, and the dangers of social engineering. By fostering a culture of security awareness, SMBs can significantly reduce the likelihood of successful cyberattacks.


Key Components of an Effective SAT Program:

  • Regular Training Sessions: Conduct regular training sessions to keep employees updated on the latest threats and best practices.
  • Simulated Phishing Attacks: Use simulated phishing attacks to test and reinforce employees' ability to recognize and respond to phishing attempts.
  • Multi-Factor Authentication (MFA): Encourage the use of MFA to add an extra layer of security to user accounts.
  • Incident Response Plans: Develop and regularly update incident response plans to ensure quick and effective action in the event of a breach.


By investing in a comprehensive SAT program, SMBs can protect their valuable data, maintain customer trust, and ensure business continuity.

References

[1] BingAnswers-20240114-203201

[2] 110+ of the Latest Data Breach Statistics [Updated 2025] - Secureframe

[3] 35 Alarming Small Business Cybersecurity Statistics for 2025

[4] Identity Theft Resource Center’s 2024 Annual Data Breach Report Reveals ...

[5] INFORMATIONAL - Severity: Low - TLP:GREEN - Signed. Sideloaded. Compromised! - New resource in watched category

 




