• Hausa Edition
  • Podcast
  • Conferences
  • LeVogue Magazine
  • Business News
  • Print Advert Rates
  • Online Advert Rates
  • Contact Us
Thursday, August 28, 2025
Leadership Newspapers
Read in Hausa
  • Home
  • News
  • Politics
  • Business
  • Sport
  • Health
  • Entertainment
  • Opinion
    • Editorial
  • Columns
  • Football
  • Others
    • LeVogue Magazine
    • Conferences
    • National Economy
  • Contact Us
No Result
View All Result
  • Home
  • News
  • Politics
  • Business
  • Sport
  • Health
  • Entertainment
  • Opinion
    • Editorial
  • Columns
  • Football
  • Others
    • LeVogue Magazine
    • Conferences
    • National Economy
  • Contact Us
No Result
View All Result
Leadership Newspapers
No Result
View All Result

56% Of Cyberattacks Bypass Security With Legitimate Logins — Report

by Royal Ibeh
5 months ago
in News
Cyberattacks
Share on WhatsAppShare on FacebookShare on XTelegram

More than half of cyberattacks in 2024 bypassed traditional security defenses by using legitimate login credentials, rather than exploiting system vulnerabilities, a newly released 2025 Sophos Active Adversary Report revealed.

Advertisement

The report, which analysed over 400 cases of Managed Detection and Response (MDR) and Incident Response (IR), revealed that 56 percent of cyberattacks were executed by adversaries simply logging in rather than breaking in.

The findings underscore a growing trend in cybercrime, noting that attackers are moving away from brute-force tactics and system exploits, instead relying on stolen or compromised credentials to access corporate networks undetected.

According to Sophos, compromised credentials were the leading cause of cyber intrusions for the second consecutive year, accounting for 41 percent of all attacks.

This was followed by exploited vulnerabilities (21.79 percent) and brute force attacks (21.07 percent).

RELATED

UK Awards Chevening, Commonwealth Scholarships To 85 Nigerians

UK Awards Chevening, Commonwealth Scholarships To 85 Nigerians

17 minutes ago
BBNaija10: Housemates Panic As Imisi Discovers ‘Human Head’ Inside Fridge

BBNaija10: Housemates Panic As Imisi Discovers ‘Human Head’ Inside Fridge

23 minutes ago
ADVERTISEMENT

The invisibility of credential-based attacks makes them particularly dangerous. Once inside, attackers move quickly.

In cases involving ransomware, data exfiltration, and extortion, the report found that the median time from initial access to data exfiltration was just 3.04 days (72.98 hours).

After data was stolen, organisations had a median of only 2.7 hours before the attack was detected.

ADVERTISEMENT

“When attackers use stolen credentials, they can blend in with legitimate network traffic, making detection much harder. Organizations need to shift from passive security to active, continuous monitoring. Attackers are evolving, and so must our defense strategies,” the field CISO at Sophos, John Shier explained.

The report also highlighted alarming trends in attacker behaviour. For instance, attackers took a median of just 11 hours from initial access to their first attempt at breaching Active Directory (AD), a critical network asset.

“Ransomware remains a top threat, as Akira was the most frequently encountered ransomware group in 2024, followed by Fog and LockBit.

“Other findings revealed that the median time from an attack’s start to its detection fell from four days to just two in 2024. Remote Desktop Protocol (RDP) is a major weakness, as it was used in 84 percent of cases, making it the most exploited Microsoft tool.

“Attackers also work overnight, as 83 percent of ransomware deployments happened outside normal business hours, allowing cybercriminals to maximize damage before detection,” the report disclosed.

With attackers increasingly using legitimate credentials to bypass security, businesses must prioritise identity protection alongside traditional cybersecurity defenses, even as Sophos recommends that organizations should close exposed RDP ports to limit attack surfaces; implement phishing-resistant MFA to reduce the risk of credential theft and regularly update and patch vulnerable systems, especially internet-facing devices.

“Organisations should also deploy Endpoint Detection and Response (EDR) or Managed Detection and Response (MDR) with 24/7 proactive monitoring and establish and test a comprehensive incident response plan to react quickly to potential intrusions,” Sophos recommended.

As traditional security measures focus on preventing break-ins, attackers are adapting by simply walking through the front door with stolen credentials.

The 2025 Sophos report serves as a warning that strong passwords alone are no longer enough.

Businesses must embrace continuous monitoring, proactive defense strategies, and multi-layered security to keep pace with evolving cyber threats.


Join Our WhatsApp Channel

Nigerians can now earn US Dollars monthly by acquiring domains cheaply and reselling for profits up to $18,000 (nearly ₦30Million). Beneficiaries include professionals, entrepreneurs, civil servants and more. Click here to start.


Tags: Cyberattacks
SendShare10172Tweet6358Share
ADVERTISEMENT
Previous Post

Tinubu Congratulates Teenage Artist Kanyeyachukwu Over Guiness World Record Feat

Next Post

Nigerian Goalkeeper Osayi Kingdom Joins Swedish Club Assyriska

Royal Ibeh

Royal Ibeh

You May Like

UK Awards Chevening, Commonwealth Scholarships To 85 Nigerians
News

UK Awards Chevening, Commonwealth Scholarships To 85 Nigerians

2025/08/28
BBNaija10: Housemates Panic As Imisi Discovers ‘Human Head’ Inside Fridge
Entertainment

BBNaija10: Housemates Panic As Imisi Discovers ‘Human Head’ Inside Fridge

2025/08/28
Libyan Police Arrest 2 Nigerians Over Alleged Robbery Spree
News

Libyan Police Arrest 2 Nigerians Over Alleged Robbery Spree

2025/08/28
Police Arrest 5 For Alleged Motorcycle Theft, Drug Trafficking In Bauchi
News

Police Arrest 5 For Alleged Motorcycle Theft, Drug Trafficking In Bauchi

2025/08/28
TikToker Peller ‘Rescued’ After Kidnap
Entertainment

TikToker Peller ‘Rescued’ After Kidnap

2025/08/28
Rwanda Receives First Migrants Under US Deportation Deal
News

Rwanda Receives First Migrants Under US Deportation Deal

2025/08/28
Leadership Conference advertisement

LATEST

UK Awards Chevening, Commonwealth Scholarships To 85 Nigerians

BBNaija10: Housemates Panic As Imisi Discovers ‘Human Head’ Inside Fridge

Libyan Police Arrest 2 Nigerians Over Alleged Robbery Spree

Police Arrest 5 For Alleged Motorcycle Theft, Drug Trafficking In Bauchi

TikToker Peller ‘Rescued’ After Kidnap

Rwanda Receives First Migrants Under US Deportation Deal

Police Arrest Pastor, Wife For Allegedly Staging Kidnap To Extort ₦10m

Adams To Miss Super Eagles World Cup Qualifiers

Illegal Betting: NPFL Lifts Suspension On Goalkeeper Adeyinka

South Africa’s Malema Found Guilty Of Hate Speech Over 2022 Rally Remarks

© 2025 Leadership Media Group - All Rights Reserved.

No Result
View All Result
  • Home
  • News
  • Politics
  • Business
  • Sport
  • Health
  • Entertainment
  • Opinion
    • Editorial
  • Columns
  • Football
  • Others
    • LeVogue Magazine
    • Conferences
    • National Economy
  • Contact Us

© 2025 Leadership Media Group - All Rights Reserved.