{"id":15602,"date":"2026-02-04T08:36:01","date_gmt":"2026-02-04T08:36:01","guid":{"rendered":"https:\/\/newestek.com\/?p=15602"},"modified":"2026-02-04T08:36:01","modified_gmt":"2026-02-04T08:36:01","slug":"cybercriminals-set-sites-on-identities","status":"publish","type":"post","link":"https:\/\/newestek.com\/?p=15602","title":{"rendered":"Cybercriminals set sites on identities"},"content":{"rendered":"<div>\n<div id=\"remove_no_follow\">\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<section class=\"wp-block-bigbite-multi-title\">\n<div class=\"container\"><\/div>\n<\/section>\n<p>Eye Security\u2019s <a href=\"https:\/\/www.eye.security\/de\/trend-report-der-stand-der-incident-response-2026\" target=\"_blank\" rel=\"noreferrer noopener\">2026 State of Incident Response Report<\/a>\u00a0shows that cyberattacks on companies are increasingly going undetected, and the damage occurs within minutes. According to the report, attackers are now focusing less on hacking systems and more on exploiting existing access points.<\/p>\n<p>Identity-based attacks\u00a0dominate the field, with passwords being involved in 97% of incidents tracked by Eye Security. Abuse of legitimate accounts is a primary cause of cloud security incidents and drives the business of initial access brokers.<\/p>\n<p>However, the study\u2019s results show that attackers\u2019 fundamental methods remain unchanged. \u201cEven in 2026, compromise will still begin with phishing, exploiting misconfigured or vulnerable internet-enabled systems, social engineering, or attacks via the software supply chain,\u201d explains Lodi Hensen, VP of security operations at Eye Security.<\/p>\n<h2 class=\"wp-block-heading\" id=\"bec-attacks-are-particularly-common\">BEC attacks are particularly common<\/h2>\n<p><a href=\"https:\/\/www.csoonline.com\/article\/570999\/business-email-compromise-bec-attacks-take-phishing-to-the-next-level.html\" target=\"_blank\">Business email compromise (BEC)<\/a> is the most common form of attack, according to the study: More than 70% of incidents fall into this category. In 40% of these cases, phishing served as the initial point of entry. Analysts say that BEC attacks can remain undetected for weeks without continuous monitoring.<\/p>\n<p>Furthermore, the study highlights that ransomware remains one of the biggest threats. \u201cThe proliferation of Ransomware-as-a-Service (RaaS), BuilderLeaks, and access broker marketplaces has lowered the barriers to entry and created a professional ecosystem,\u201d the authors explain.<\/p>\n<p>The report reveals a dangerous trend: the commercialization of insider knowledge. \u201cGroups like ShinyHunters are actively recruiting employees to buy access credentials. This blurs the line between external attacks and insider threats,\u201d the security researchers explain. \u201cFor ransomware actors, this purchased access is often faster and more reliable than technical hacking.\u201d<\/p>\n<p>Companies in the industrial, construction, and transport and logistics sectors are particularly affected. Many ransomware attackers exploit everyday vulnerabilities: unprotected applications, insecure remote access, or phishing emails through which employees unknowingly disclose login credentials. The analysis evaluated a total of 630 security incidents in Europe from 2023 to 2025.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Eye Security\u2019s 2026 State of Incident Response Report\u00a0shows that cyberattacks on companies are increasingly going undetected, and the damage occurs within minutes. According to the report, attackers are now focusing less on hacking systems and more on exploiting existing access points. Identity-based attacks\u00a0dominate the field, with passwords being involved in 97% of incidents tracked by Eye Security. Abuse of legitimate accounts is a primary cause&#8230; <\/p>\n<p class=\"more\"><a class=\"more-link\" href=\"https:\/\/newestek.com\/?p=15602\">Read More<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-15602","post","type-post","status-publish","format-standard","hentry","category-uncategorized","is-cat-link-borders-light is-cat-link-rounded"],"_links":{"self":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/15602","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=15602"}],"version-history":[{"count":0,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/15602\/revisions"}],"wp:attachment":[{"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=15602"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=15602"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=15602"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}