A single weak or guessed password enabled a breach that led to a ransomware attack, shutting down operations for over 700 employees and forcing a 158-year-old transport company into administration. Passwords are described as frustrating, insecure, and easily compromised; hygiene measures and human diligence cannot fully address fundamental weaknesses. Complex, interconnected infrastructure allows attackers to move laterally and steal mission-critical data once a credential is obtained. Brute-force and social engineering remain low-cost, high-success tactics. Password managers and privileged access tools ease the memory burden but shift rather than eliminate risk, while adoption of protective tools remains inconsistent.
"Passwords have outlived their usefulness," says Simon McNally, cybersecurity expert at Thales. "They're frustrating, insecure, and easily compromised. Hygiene can't fix what's fundamentally broken. Humans forget, make mistakes, and seek workarounds. As we saw with the recent transport company breach, weak or reused passwords can still topple entire organizations."
"a password is all it takes to steal mission-critical data"
"Static credentials like passwords need to be eliminated," he says. "Not even the strongest password hygiene strategy will protect against human error."
"it is only a matter of time before one of [hundreds of employees] gets tricked into handing over credentials. And that is all it takes for a large-scale attack"