Page 117 - Cyber Defense eMagazine for July 2020
P. 117
Post COVID-19: Password Extinction Accelerated;
Telemedicine Spurs Fraud
By Robert Prigge, CEO of Jumio
Passwords will become extinct much faster than predicted.
As the COVID-19 pandemic pushed more of us to self-isolate, Zoom became the go-to teleconferencing
platform. In fact, Zoom went from 10 million daily meetings in December to 300 million today.
Unfortunately, this surge in popularity came with a price tag — a lack of data privacy. Now, there are over
500,000+ stolen Zoom logins floating around the dark web for just .002 cents each. And this is just
opening the door for account takeover (ATO) attacks via credential stuffing — a type of cyberattack where
automated bots use those stolen account credentials to gain unauthorized access to user accounts. And
Zoom is not alone. We’ve also seen a rash of account takeover attempts aimed at users of Microsoft’s
proprietary Remote Desktop Protocol (RDP), striking millions per week.
With data collected and sold on the dark web containing usernames and passwords from past breaches,
and internet users often recycling the same login credentials across multiple platforms, cybercriminals
have all of the tools they need to impersonate a user’s identity online. This means that if your online
account is only protected by a username and password, then you’re likely going to be an ATO target. As
a result, password-based authentication, multi-factor authentication (2FA) and knowledge-based
authentication (KBA) will be a thing of the past much sooner than previously anticipated, and businesses
will look to more sophisticated and secure login options for current and prospective users.
Cyber Defense eMagazine –July 2020 Edition 117
Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.
