Password-based attacks have increased by 74% during the past year, with an estimated 921 attacks launched per second, reports ZDNET.
Ninety percent of the compromised accounts lacked "strong authentication," indicating the absence of multi-factor authentication, according to Microsoft's Digital Defense Report 2022. Below one-third of accounts have been protected with MFA although the adoption of additional security layers has been increasing. The findings showed that many accounts continue to be vulnerable to data theft, business email compromise attacks, malware deployment, and ransomware attacks.
"Many cyberattacks are successful simply because basic security hygiene has not been followed," Microsoft said.
With basic security hygiene helping to curb 98% of malicious cyber intrusions, organizations and users have been urged by Microsoft to implement minimum account security standards, including MFA. Microsoft has also encouraged network-wide application of zero-trust cybersecurity, as well as the timely implementation of software, application, and operating system updates to better defend systems against threats.