As cybersecurity professionals, it’s common to focus on countering advanced adversary techniques. However, the most impactful attacks often stem from compromised credentials and cracked accounts. Despite the awareness of this threat, the Picus Security’s Blue Report 2025 reveals ongoing struggles in preventing password cracking attacks and detecting malicious use of compromised accounts.
With the first half of 2025 revealing compromised valid accounts as the most underprevented attack vector, there is an urgent need for a proactive approach to address threats evading organizations’ defenses.
A Wake-Up Call: The Alarming Rise in Password Cracking Success
The Picus Blue Report, based on empirical findings from over 160 million attack simulations, indicates a significant increase in password cracking success rates. This highlights the vulnerability of organizations due to weak passwords and outdated hashing algorithms, leaving critical systems open to brute-force and rainbow table attacks.
Organizations must prioritize enforcing strong password policies and integrating modern authentication practices to combat this persistent and effective attack method.
Why Organizations Are Failing to Prevent Password Cracking Attacks
Organizations’ failure to prevent password cracking attacks stems from the continued use of weak passwords and outdated credential storage methods. Enforcing stronger password policies, implementing multi-factor authentication, and regular validation of credential defenses are essential steps to mitigate this risk.
Credential-Based Attacks: A Silent but Devastating Threat
The threat of credential abuse remains pervasive and dangerous, with attackers leveraging stolen credentials to move laterally within networks undetected. Organizations must prioritize identity security and credential validation to combat this stealthy yet devastating form of attack.
Valid Accounts (T1078): The Most Exploited Path to Compromise
Valid Accounts (MITRE ATT&CK T1078) continue to be the most exploited attack technique, with a high success rate. Strengthening password policies, implementing multi-factor authentication, and enhancing behavioral detection capabilities are crucial defenses against credential abuse and lateral movement.
How to Strengthen Your Defenses Against Credential Abuse and Password Cracking
Implementing stronger password policies, enforcing complexity requirements, and adopting multi-factor authentication are key steps to protect against credential abuse. Regularly validating credential defenses and enhancing behavioral detection capabilities are essential to identify and mitigate vulnerabilities.
Closing the Gaps in Credential and Password Management
The Blue Report 2025 underscores the importance of addressing vulnerabilities in password cracking and compromised accounts. Organizations must focus on strengthening internal controls and credential management to reduce exposure to cyber threats effectively.
