IT Brief New Zealand - Technology news for CIOs & IT decision-makers
Alarming data reveals 32 million password attacks in 2023
Tue, 7th May 2024

Weak and straightforward passwords have always been a tantalising target for cybercriminals as cracking them allows unlawful access to broad categories of data such as personal, financial and medical records. Recent telemetry by Kaspersky reveals a worrying trend – there were more than 32 million attempted attacks on users with password stealers in 2023.

Passwords function as key protective factors in our digital lives, but they also act as the entrance for deceitful cybercriminals eager to hack sensitive personal information. They are a prime target for increasingly cunning cyberattacks, which is why proactive measures to safeguard accounts are of utmost importance. To shine a light on this, Kaspersky experts are sharing vital tips on enhancing password security on World Password Day (May 2nd).

In 2023, Kaspersky's telemetry indicated more than 32 million attempts to breach users via password stealers, following more than 40 million incursions in 2022. The scale of these attacks underscores the importance of users developing robust, unique, and diverse passwords for different accounts to mitigate cyber threats and maintain online security.

Kaspersky's experts put forward several strategies to bolster password security, including the association method, which can lead to strong yet memorable passwords. Here, a password is born out of a sequence of personally significant yet not easily guessable ideas or words such as favorite quotes or notable song lyrics. This technique gives rise to robust passwords without necessitating complex memorisation and lowers the risk of forgetfulness. A phrase like 'I first visited Paris in 2008' can be craftily transformed into the password 'IfvPin2o:o8'.

For those who find regular passwords monotonous or struggle to come up with something new, emoji-passwords are an attractive, non-standard yet safe alternative. The tools and dictionaries scammers use to brute-force passwords do not cover combinations like these. However, it's important to note that common or default passwords like '1234', 'password', or 'admin' are highly vulnerable to brute-force attacks by scammers who use tools to guess the right combinations, potentially gaining access to personal data within seconds.

Strong and complicated passwords are a combination of letters, numbers, and symbols, and avoid any personal information like names or birthdays. One old but effective practice is to have one unique password for each account, which ensures that if one account gets compromised, the others remain secure. This strategy helps to ward off security breaches and protect sensitive data. However, with an average user having approximately 8 accounts, remembering multiple long, complicated passwords can be daunting, making password managers that can take on this responsibility an ideal solution to maintain secure online accounts.