Misuse of Information Technology (IT) identity credentials is a significant enabling factor for cyber-attacks. The resulting costs to a business to resolve these attacks can be very high. Some example business costs may include, but are not limited to, lost revenue, customer restitution, an extensive public relations campaign to repair public image (e.g., associated with the business and/or organization that suffered the attack, etc.), legal fees, regulatory fines, etc. Organizations are currently making large investments in cyber-attack protection products—yet the threat likelihood and associated costs with cyber-attacks continue to rise. Some examples of recent cyber-attacks where identity credentials were a key enabling factor are shown in Table 1 below.
Examples of recent cyber attacks where identity credential misuse was the key enabling factor were identified in a study outlined in the following table (Source: Verizon and Ponemon Institute, Cost of Cyber Crime Studies):
TABLE 1Number ofRecordsKey EnablingExample CostsOrganizationType of Data LossBreachedFactorto OrganizationsPremeraPersonally 11MStolen IdentityUnder Analysis -IdentifiableCredentialscould exceedInformation (PII) and$50MProtected HealthInformation (PHI)Anthem BC/BSPII and PHI 80MStolen IdentityUnder Analysis -Credentialscould exceed$100MJ P MorganCustomer Personal 75MStolen IdentityData notInformationCredentialsreleasedeBayPII and Credit Card145MStolen IdentityLarge drop inCredentialsrevenuesUniversity ofPII309KStolen$6M for freeMarylandPrivilegedCreditIdentityMonitoring for 2CredentialsYearsTargetPII and Credit Card70M PIIStolen Identity5.3% Revenue40M CreditCredentialsLossCardExperianPII200MImposterSignificantSubsidiaryIdentityPublic RelationsCredentialsCampaign42% of allIntellectual Property,Unknown butInsider Threat65 days toOrganizationsPII, Credit Card, andConsideredwith ValidResolveother typesVery LargeIdentity$4.2M-$11.6MCredentialsin RecoveryCosts
Current cyber-attack protection products provide reactive capabilities based on software behavior patterns (or signatures) of viruses and malware. Each of the organizations in Table 1 (above) had virus/malware protection products in-place. However, the organizations were still left unprotected against identity credential misuse.
The rapid transition by businesses to “Cloud Computing” and the advent of the “Internet of Things” (IoT) will make the problems and risks associated with identity credential misuse even worse. For example, Cloud Computing and the IoT can make identity credentials more highly distributed than they are today because most business utilize on-premises software capabilities for their Identity and Access Management functions that are limited to smaller scale networks and environments. However, Cloud Computing and the IoT operate over very large-scale, highly distributed networks. As a result, it is expected that the number of identity credentials in use at any given time will increase exponentially. This increase in identity credential usage can cause large amounts of data to go ignored due in part to the sheer magnitude of data available.