Welcome back to the Identity Theft Resource Center’s Weekly Breach Breakdown – supported by Sentilink. This is the episode for March 1st, 2024. I’m James Lee, the ITRC’s COO, and each week on this podcast, we look at the most recent events and trends related to data security and privacy.

In history, theology, and literature, there are lots of references to items being the “Keys to the Kingdom.” Some item that unlocks treasure or power or knowledge. Sometimes it’s a literal key, and other times it’s a simple gesture or act of kindness.


Show Transcript

Welcome to the Identity Theft Resource Center's (ITRC) Weekly Breach Breakdown for March 1, 2024. Thanks to Sentilink for their support of the podcast and the ITRC. Each week, we look at the most recent events and trends related to data security and privacy. This week, we look at a rise in account credential attacks, as well as Okta data events leading to more company security.

In history, theology, and literature, there are many references to items being the "Keys to the Kingdom." Some item that unlocks treasure or power or knowledge. Sometimes, it's a literal key, and other times, it's a simple gesture or act of kindness.

In cybersecurity, a credential is the key. It may be a strong password that's a collection of letters, numbers and symbols – or increasingly, a secret token known as a passkey that's stored on a device in such a way that even the owner does not know it and is accessed by their face or finger.

Rise in Account Credential Attacks

Just in time, too. In 2023, IBM saw a 71 percent increase in valid account credential attacks. In other words, real credentials stolen in a cyberattack were used to access various accounts and systems in about one-third of cyberattacks last year.

"What you're really seeing is an aha moment on the part of threat actors in shifting to something that works," said Charles Henderson of IBM. "What this establishes is that the criminals have figured out that valid credentials are the path of least resistance and the easiest way in."

Bad actors are not just trying to get individuals to give up their credentials; they are attacking companies that offer identity and access management services, including password management. One such company is Okta.

Okta Data Events

In 2022, Okta was compromised by a phishing attack and a security breach, and had its source code stolen. Early last year, Okta's customers were hit by a series of attacks, followed by an attack against Okta's customer support portal.

Okta's early conclusion was that just one (1) percent of its customer support system clients were impacted. However, two months later, Okta revealed that 100 percent of its customer support clients were affected by the attack.

Okta Looks to Improve Company Security

Following the Okta data events, initial efforts to improve security didn't turn out well. However, this week, Okta's CEO announced a new initiative to secure the company's future along with its customers' data. Okta pledged to harden its corporate infrastructure, embody secure-by-design principles across its products, champion best practices, and invest $50 million in a fund to address cybersecurity challenges outside the company over the next five years.

"Historically, security has never been a value of Okta," confessed CEO David Bradbury to the trade publication CybersecurityDive. "I feel that this is different this time, and we've acknowledged that we didn't quite get the speed right, but we also didn't get the priority right," Bradbury said. "Okta built up a brand over a decade and then watched that brand be tarnished. There's still a substantial journey for us to go on to rebuild that trust."

Contact the ITRC

If you want to know more about how to protect your personal or business kingdom, any of the Okta data events, or think you have been the victim of an identity crime, you can speak with an expert ITRC advisor on the phone, chat live on the web or exchange emails during our normal business hours (Monday-Friday, 6 a.m.-5 p.m. PST). Just visit www.idtheftcenter.org to get started.

Thanks again to Sentilink for their support of the ITRC and this podcast. Check out our sister podcast, the Fraudian Slip, for a discussion on how facial comparison technology can help reduce identity crime. Join us next week for a special episode of the Fraudian Slip with our partners at the Federal Trade Commission as part of National Consumer Protection Week. We will return in two weeks with another episode of the Weekly Breach Breakdown.