Ransomware attacks stemming from identity attacks have surpassed those originating from exploits, with email attacks being a primary vector. Notably, multifactor authentication (MFA) was in place in 97% of credential-based attacks, yet it failed to prevent compromises, highlighting the limitations of this security measure1. The ineffectiveness of MFA in preventing ransomware attacks underscores the need for a more comprehensive approach to security. The fact that MFA, a widely adopted security control, was unable to prevent attacks in nearly all cases where it was deployed, suggests that attackers have found ways to bypass or exploit weaknesses in these systems. This shift in ransomware causes has significant implications for security practitioners, who must now prioritize identity-based attack prevention and consider additional security measures to protect against these types of threats. So what this means for security teams is that they can no longer rely solely on MFA to prevent ransomware attacks.
Identity Attacks Overtake Exploits as Top Ransomware Cause
⚡ High Priority
Why This Matters
Multifactor authentication (MFA) was deployed in 97% of credential-based attacks but failed to prevent compromise.
References
- Dark Reading. (2026, July 15). Identity Attacks Overtake Exploits as Top Ransomware Cause. *Dark Reading*. https://www.darkreading.com/identity-access-management-security/identity-attacks-overtake-exploits-top-ransomware-cause
Original Source
Dark Reading
Read original →