Microsoft revealed that 1.2 million Microsoft accounts were compromised in January 2020 from Malicious Attackers. They also said that over 99.9% of these users did not have MFA enabled which could have secured the majority of attacks. Approximately 80% of the compromised accounts were compromised from either Password Spray or Credential Stuffing attacks.
In a Password Spray Attack, the attackers try commonly used passwords to authenticate into lots of accounts. Microsoft has observed a 1% success rate on average.
In a Credential Stuffing Attack, the attackers take known username and password combinations from leaks on 3rd party sites. These credentials are then used and are successful when the same credentials have been reused between sites.
Both types of attacks primarily use basic auth to attempt authentication, such as SMTP, IMAP, POP, as there are a lot of existing hacking tools build to exploit them.
Okta is one of our recommended solutions for identity and access management. They offer several software and hardware MFA solutions, and have a wide Integration Network with a number of vendors including F5, Palo Alto and Fortinet.
- Manage access to all applications on-prem and in the cloud with Okta and F5
- Authenticating Access to your Web Apps using Okta, F5 APM and SAML 2.0
- End of support for Basic Authentication access to Exchange Online API’s for Office 365 customers
- Breaking Password Dependencies: Challenges in the Final Mile at Microsoft