10. Stolen Credentials
Using stolen credentials to impersonate a valid user was the most significant threat action used in 2013, according to Verizon. Stolen credentials are used by financially motivated cybercriminals, hacktivists and clandestine operations, Verizon said. An attacker can use stolen credentials to appear to be a valid user on a corporate network. It's prompted security experts to call for the increased use of two-factor authentication and other measures to validate a user attempting to log into systems. Behavioral analysis systems also can be put in place to trigger an alert if it observes suspicious activity, such as a user attempting to log in at an unusual time.