The Rising Threat of Identity-Related Cyberattacks: Why Securing Non-Human Identities is Urgent
Surge in Identity-Related Cyber Attacks Underscores New Security Imperatives
In a landscape where cyber threats evolve rapidly, identity-related attacks have emerged as a persistent danger. Recent reports indicate a staggering uptick in high-profile breaches, with seven significant incidents leveraging compromised non-human identities over the past ten months. These attacks exploit vulnerabilities in API keys, OAuth tokens, and service accounts, enabling hackers to infiltrate organizations, extract sensitive data, and vanish without a trace.
The warning signs are clear. Gartner has highlighted credential misuse as a major attack vector, yet many organizations remain underprepared. The recent incidents fall primarily into three distinct threat types, and together they underscore the urgent need for robust security measures.
1. Supply Chain Attacks: Hackers are increasingly targeting third-party applications to gain unauthorized access. Notable breaches include the April 2022 GitHub incident, where OAuth tokens issued to apps like Heroku and Travis-CI were stolen, compromising numerous repositories. Similarly, Mailchimp experienced unauthorized access to API keys, resulting in multiple credential compromises.
2. OAuth Phishing: As employees grow fatigued by security prompts, they become susceptible to advanced phishing techniques. A September 2022 attack on Microsoft saw adversaries deploying malicious OAuth applications that manipulated Exchange Online settings, while another incident in December exposed corporate users to phishing through impersonated companies.
3. Company Access Token Attacks: Internally initiated threats also pose risks, as indicated by the December 2022 cloning of sensitive repositories using a compromised GitHub Personal Access Token.
With non-human identities outnumbering human ones by a factor of 45, organizations must prioritize securing these digital entities. Unlike human accounts protected by layers of security, non-human identities often go unchecked, inviting significant risks.
As attacks grow in frequency and sophistication, now is the critical moment for organizations to fortify their defenses around non-human identities. Emphasizing robust access management and vigilant monitoring is essential in curbing this escalating threat.