Single Sign-Ons are as not as safe as companies might think, report finds

The internet like everything has a dark side and for the internet, it is the dark web. On the dark web, one could find all sorts of illegal stuff for sale including stolen access data from half of the top US firms. Yes, you read that right.

According to a new report by research company BitSight, some of the top US companies whose combined market value is more than 11 trillion dollars, including more than 3,000 businesses, who, according to the report, have been the victims of at least one Single Sign-On (SSO) credential theft.

What are SSOs? Well for the people that don’t know SSO stands for Single-sign-on, which is the point that a user can log into an app or website only once. If they come back to the page regularly they would need to enter their password and log in every time. For most companies, this is the safest way of protecting user data but sometimes it can prove to not be enough. Half of the most important US companies have had their data stolen and up for sale on the dark web just this year even with security measures in place.

If you are thinking that only the big companies are affected by these attacks, then you are wrong because it is stated very clearly in the report that in June and July of this year alone, there were 1,500 fresh sets of credits available on the dark web.

According to BitSight, SSOs are the keys to the kingdom that can be used to lock the monarch out. They are called that because they can help in gaining access to multiple apps scattered throughout the database of a company or organization.

Now, let’s discuss some of the ways that these stolen credentials can be used because as said by the report, stolen SSO credentials have been used to help in more than half of the cyber-attacks in the United States.

Read next: This Research Shows Meta Apps Are Extremely Vulnerable to Cyber Attacks
Previous Post Next Post