Weak and Compromised Passwords Drive Majority of Cybersecurity Breaches in Swedish Companies

Cybercriminals in Sweden are increasingly exploiting weak and stolen passwords to access corporate systems, bypassing advanced firewalls by logging in directly or manipulating IT helpdesks. According to Martin Jartelius, CTO of Outpost24, 81% of security breaches are linked to compromised or weak passwords, underscoring an urgent need for organizations to incentivize strong password creation and robust protection methods. A particularly vulnerable moment occurs on employees' first day of work, where temporary or standardized passwords are frequently used and often left unchanged, amplifying security risks.

Research by Specops Software shows 83% of compromised passwords meet traditional length and complexity criteria but are still insecure if previously leaked in data breaches. Specops offers tools that identify exposed passwords and enable companies to take proactive security actions by blocking over four billion known leaked passwords in real-time. Additionally, IT helpdesks present a critical vulnerability point; 20 to 50% of helpdesk calls are password reset requests, costing approximately 700 SEK each and prone to social engineering attacks. Specops Software's solutions incorporate mandatory identity verification before password resets, minimizing unauthorized access risks.

Jartelius emphasizes that user verification must be stringent not only during password resets but throughout all helpdesk interactions to ensure only authorized users receive system access. These combined strategies aim to significantly reduce cybersecurity incidents caused by password-related vulnerabilities within Swedish businesses.