What are leaked credentials?
A leaked credentials risk detection type indicates that the user’s current credentials have been leaked. These credentials remain valid and can be used to sign in to an organization’s environment and gain access to customer or critical operational data. There are ways to prevent or mitigate the effect of leaked credentials, including changing passwords periodically: once a user changes their password, the stolen credential becomes invalid.
But the danger of leaked credentials is that organizations are often not aware of stolen identities until critical data has been compromised. When cybercriminals compromise valid passwords of legitimate users, they post them publicly on the dark web or paste sites, or trade the credentials on the black market.
Microsoft monitors such public and dark web sources using a set of AI and advanced technologies, running comparative analysis to see if a credential has been compromised. Microsoft works with the following:
- Law enforcement
- Security teams at Microsoft
- Other trusted sources
When the service acquires username and password pairs, they are checked against Microsoft Azure Active Directory (AAD) users’ current valid credentials. When a match is found, it means that a user’s password has been compromised and a leaked credentials risk detection is created.
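The matching step described above, and the earlier point that a password change invalidates a leaked credential, can be sketched as follows. This is an added example, not Microsoft's implementation: it assumes the directory stores salted PBKDF2 hashes, and the function names, record fields and sample accounts are all hypothetical and constructed.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for this sketch


def hash_password(password: str, salt: bytes) -> bytes:
    """Derive the stored verifier; the directory never keeps plaintext."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def make_user(password: str) -> dict:
    """Build a constructed directory record with a per-user random salt."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt)}


def find_leaked_credentials(directory: dict, leaked_pairs: list) -> list:
    """Return one detection per user whose CURRENT password is in the dump."""
    detections, flagged = [], set()
    for username, password in leaked_pairs:
        key = username.strip().lower()  # usernames compare case-insensitively
        user = directory.get(key)
        if user is None or key in flagged:
            continue  # not one of our users, or already reported
        candidate = hash_password(password, user["salt"])
        # Constant-time comparison against the current verifier only.
        if hmac.compare_digest(candidate, user["hash"]):
            flagged.add(key)
            detections.append({"user": key, "risk_type": "leaked_credentials"})
    return detections


# Constructed sample data: a two-user directory and a leaked dump.
DIRECTORY = {
    "alice@contoso.example": make_user("Summer2020!"),
    "bob@contoso.example": make_user("n3w-passphrase-after-rotation"),
}
LEAKED_PAIRS = [
    ("Alice@Contoso.example", "Summer2020!"),  # still valid: detection
    ("bob@contoso.example", "OldPassword1"),   # rotated since leak: no match
    ("carol@other.example", "whatever"),       # not in this directory
]

if __name__ == "__main__":
    for detection in find_leaked_credentials(DIRECTORY, LEAKED_PAIRS):
        print(detection)
```

Only the account whose leaked password is still current is flagged; the rotated password no longer matches the stored verifier, so it produces no detection.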
We are seeing small and midsize businesses become the target of cyber criminals with COVID-19-related scams and phishing emails. Each business must figure out how best to deploy new devices remotely, while securing confidential employee, business and customer data.
The US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) provides mitigation guidance for businesses regarding securing enterprise virtual private networks, remote access and bring your own device (BYOD) security as your business adapts to new ways of working.
With 50% of small businesses having experienced an attack within the past year, you will need to be more vigilant with securing your devices, applications and critical data.
Do you need to find out if you need advanced security within your organization? Learn more about our Cyber Security Vulnerability Assessment for Windows Environments by registering for our free informational webinar.
How can you detect and mitigate threats from leaked credentials using Microsoft Security?
Using Microsoft Identity Protection and Microsoft Cloud App Security, organizations can create threat protection policies and quickly investigate leaked credentials in order to invalidate the stolen credentials. Microsoft Cloud App Security and Azure AD Threat Protection offer organizations many options to prevent or mitigate the cyber-threat from leaked credentials. Organizations can choose which of the following methods works best for them.
How we can help you mitigate threats from leaked credentials
We work with organizations to strengthen their security posture and protect their organization against cybersecurity threats, including leaked credentials, malware detection and more with threat protection tools from Microsoft productivity applications and cloud services. We also provide one-time security assessments to assess your organization’s vulnerabilities based on data from your infrastructure. Visit our CSAT page to learn more.
For immediate assistance, email us at firstname.lastname@example.org