Cybersecurity incidents are often associated with sophisticated exploits, but many of the most damaging breaches across public institutions, private companies and individual accounts have originated from something far more basic: predictable passwords and neglected account controls. A review of several high-profile cases shows how easily attackers can bypass defences when organisations rely on outdated credentials, skip essential updates or fail to enforce multi-factor authentication.
One example resurfaced when an older assessment revealed that the server used to manage surveillance cameras at a prominent European museum operated with a password identical to the institution’s name. The report, which stresses on configuration weaknesses and poor access safeguards, has drawn renewed attention following recent thefts from the museum’s collection. The outdated credential underlined how critical systems often remain vulnerable because maintenance and password policies fall behind operational needs.
A similar pattern was seen in May 2021 when a major fuel pipeline in the United States halted operations after attackers used a compromised login associated with an inactive remote-access account. The credential was not protected by secondary verification, allowing the intruders to infiltrate the network. The temporary shutdown triggered widespread disruption, and the operator ultimately paid a substantial ransom before systems could be restored. Investigators later recovered part of the payment, but the event d
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: