Impact and prevalence of cyberattacks that use stolen hashed administrator credentials
A recent One Identity survey[pdf] conducted among IT professionals sheds light on Pass the Hash (PtH) attacks, in which threat actors use stolen hashed administrator credentials in order to compromise systems. A staggering 95% of organizations have suffered PtH attacks that impacted business operations.
PtH attacks often impacted operational costs (70%) and distracted staff (68%). In 40% of cases these incidents had a direct financial impact on the targeted firm. The survey found that ignorance around PtH attacks is shockingly high among IT security stakeholders, with 68% acknowledging that they were not sure if their company suffered a PtH attack, and 4% admitting they were not even familiar with this type of attack.