How Cyberattackers Gain Access

Key Takeaways

• Identity weaknesses show up in 90% of Unit 42 investigations, so identity is a top control point.
• Identity-driven techniques drive 65% of initial access, led by social engineering and credential misuse.
• Excess permissions and token abuse help attackers move faster, so least privilege and session hardening matter.