- Cybercriminals are increasingly targeting login credentials, session cookies, and more
- The threat of identity-based attacks is rising
- The costs are adding up, and businesses are slow to respond
Businesses are facing an increase in identity-based attacks, and rogue applications are the top culprit, according to the Huntress 2025 ‘Managed ITDR Report: Identity Is the New Security Perimeter’.
Based on a survey of more than 600 IT and security professionals, Huntress’ new report states that two-thirds (67%) of organizations reported an increase in identity-based incidents in the last three years.
What’s more, these attacks comprised more than 40% of security incidents for more than a third (35%) of organizations in the past 12 months alone.
Second increase
Huntress further claims that “rogue applications” are the number one concern here. Almost half (45%) of respondents said they encountered rogue and/or malicious applications in the past, while 46% described them as a “top identity-based concern”.
To make matters worse, detection and response times are not keeping up. More than half (53%) said they need “hours” to detect such an incident, and two-thirds (68%) added that they were “unable” to detect or respond to the threat until the actors had already established persistence.
Huntress also warned that the financial impact of these attacks is “significant.” Aside from the downtime and reputational harm, the researchers found a third (32%) of businesses losing at least $100,000 as a result.
“There’s no denying identity is the new endpoint. With widespread cloud adoption, the shift to hybrid work, and an increased reliance on SaaS applications, the identity attack surface has exploded over the past few years,” said Prakash Ramamurthy, Chief Product Officer at Huntress.
“Hackers are no longer wasting time breaking into networks the hard way. They’re logging in using stolen credentials, session cookies, and access tokens to bypass endpoint protection and exploit weak multi-factor authentication.”
Not all is lost, though, as there are multiple methods, including zero-trust network access (ZTNA), that help mitigate this threat.