{"id":7586,"date":"2025-11-19T09:39:26","date_gmt":"2025-11-19T07:39:26","guid":{"rendered":"https:\/\/blog.eset.ee\/et\/?p=7586"},"modified":"2025-11-19T09:39:33","modified_gmt":"2025-11-19T07:39:33","slug":"are-cybercriminals-hacking-your-systems-or-just-logging-in","status":"publish","type":"post","link":"https:\/\/blog.eset.ee\/et\/en\/2025\/11\/19\/are-cybercriminals-hacking-your-systems-or-just-logging-in\/","title":{"rendered":"Are cybercriminals hacking your systems \u2013 or just logging in?"},"content":{"rendered":"\n<p>Why break a door down and set the house alarm off when you have a key and a code to walk in silently? This is the rationale behind a trend in cybersecurity where adversaries are increasingly looking to steal passwords, and even authentication tokens and session cookies to bypass MFA codes so they can access networks by masquerading as legitimate users.<\/p>\n\n\n\n<p>According to&nbsp;<a href=\"https:\/\/www.verizon.com\/business\/resources\/T23a\/reports\/2025-dbir-data-breach-investigations-report.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">Verizon<\/a>, \u201cuse of stolen credentials\u201d has been one of the most popular methods for gaining initial access over recent years. The use of stolen credentials appeared in a third (32%) of data breaches last year, its report notes. However, while there are several ways threat actors can get hold of credentials, there are also plenty of opportunities to stop them.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-why-credentials-are-ground-zero-for-cyberattacks\">Why credentials are ground zero for cyberattacks<\/h2>\n\n\n\n<p>According to&nbsp;<a href=\"https:\/\/www.flashpoint.io\/blog\/flashpoint-global-threat-intelligence-report-gtir-2025\/\" target=\"_blank\" rel=\"noreferrer noopener\">one estimate<\/a>, over 3.2 billion credentials were stolen from global businesses in 2024, a 33% annual increase. With the access these provide to corporate accounts, threat actors can effectively slip into the shadows while plotting their next move. This might involve some more advanced forms of criminal exploitation, for example:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Conducting network reconnaissance: looking for data, assets and user permissions to go after next<\/li>\n\n\n\n<li>Escalating privileges, e.g. via vulnerability exploitation, in order to move laterally to reach those high-value data stores\/systems<\/li>\n\n\n\n<li>Covertly establishing communications with a command-and-control (C2) server, to download additional malware from and exfiltrate data \u00a0<\/li>\n<\/ul>\n\n\n\n<p>By working through these steps, an adversary could also carry out highly successful ransomware and other campaigns.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-how-they-get-hold-of-passwords\">How they get hold of passwords<\/h3>\n\n\n\n<p>Threat actors have developed various ways to compromise your employees\u2019 corporate credentials or, in some cases, even their MFA codes. They include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Phishing:<\/strong>\u00a0Emails or texts spoofed to appear as if sent from an official source (i.e., the IT department, or a tech supplier). The recipient will be encouraged to click on a malicious link taking them to a fake login page (i.e., Microsoft).<\/li>\n\n\n\n<li><strong>Vishing:<\/strong>\u00a0A variation on the phishing theme, but this time a victim receives a phone call from the threat actor. They may impersonate the IT helpdesk and request the victim hands over a password or enroll a new MFA device as part of some fictitious back story. Or they could call the helpdesk claiming to be an executive or employee who needs an urgent password reset to get their job done.<\/li>\n\n\n\n<li><strong>Infostealers:\u00a0<\/strong>Malware designed\u00a0<a href=\"https:\/\/www.welivesecurity.com\/en\/malware\/theyre-coming-data-infostealers-how-stay-safe\/\" target=\"_blank\" rel=\"noreferrer noopener\">to harvest credentials<\/a>\u00a0and session cookies from the victim\u2019s computer\/device. It might arrive via a malicious phishing link\/attachment, a compromised website, a booby-trapped mobile app, a social media scam or even an unofficial games mod. Infostealers are\u00a0<a href=\"https:\/\/www.flashpoint.io\/blog\/flashpoint-global-threat-intelligence-report-gtir-2025\/\" target=\"_blank\" rel=\"noreferrer noopener\">thought to have been responsible<\/a>\u00a0for 75% of compromised credentials last year.<\/li>\n\n\n\n<li><strong>Brute-force attacks:\u00a0<\/strong>These include credential stuffing, where adversaries try previously breached username\/password combos against corporate sites and apps. Password spraying, meanwhile, leverages commonly used passwords across different sites. Automated bots help them to do so at scale, until one finally works.<\/li>\n\n\n\n<li><strong>Third-party breaches:\u00a0<\/strong>Adversaries compromise a supplier or partner which\u00a0<a href=\"https:\/\/www.welivesecurity.com\/en\/how-to\/the-murky-world-of-password-leaks-and-how-to-check-if-youve-been-hit\/\" target=\"_blank\" rel=\"noreferrer noopener\">stores credentials<\/a>\u00a0for its clients, such as an MSP or a SaaS provider. Or they buy up troves of already breached login \u201ccombos\u201d to use in subsequent attacks.<\/li>\n\n\n\n<li><strong>MFA bypass:<\/strong>\u00a0The techniques include\u00a0<a href=\"https:\/\/www.welivesecurity.com\/2020\/11\/26\/sim-swap-scam-what-it-is-how-protect-yourself\/\" target=\"_blank\" rel=\"noreferrer noopener\">SIM swapping<\/a>, MFA prompt bombing that overwhelms the target with push notifications in order to cause \u201calert fatigue\u201d and elicit a push approval, and Adversary-in-the-Middle (AitM) attacks where attackers insert themselves between a user and a legitimate authentication service to intercept MFA session tokens.<\/li>\n<\/ul>\n\n\n\n<p>The past few years have been awash with real-world examples of password compromise leading to major security incidents. They include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Change Healthcare<\/strong>: In one of the most significant cyberattacks of 2024, the ransomware group ALPHV (BlackCat)\u00a0<a href=\"https:\/\/www.hipaajournal.com\/change-healthcare-responding-to-cyberattack\/\">crippled Change Healthcare<\/a>, a major U.S. healthcare technology provider. The gang leveraged a set of stolen credentials to remotely access a server that did not have multifactor authentication (MFA) turned on. They then escalate their privileges and moved laterally within the systems and deployed ransomware, which ultimately led to an unprecedented disruption of the healthcare system and the theft of sensitive data on millions of Americans.<\/li>\n\n\n\n<li><strong>Snowflake:\u00a0<\/strong>Financially motivated threat actor\u00a0<a href=\"https:\/\/cloud.google.com\/blog\/topics\/threat-intelligence\/unc5537-snowflake-data-theft-extortion\">UNC5537 gained access<\/a>\u00a0to the Snowflake customer database instances\u00a0of multiple clients. Hundreds of millions of downstream customers were impacted by this massive data theft extortion campaign. The threat actor is thought to have accessed their environments via credentials previously stolen via infostealer malware.\u00a0<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-keep-your-eyes-peeled\">Keep your eyes peeled<\/h2>\n\n\n\n<p>All of which makes it more important than ever to protect your employees\u2019 passwords, make logins more secure, and monitor the IT environment more closely for the tell-tale signs of a breach.<\/p>\n\n\n\n<p>Much of this can be achieved by following a&nbsp;<a href=\"https:\/\/www.welivesecurity.com\/2021\/07\/23\/protecting-hybrid-workplace-zero-trust-security\/\" target=\"_blank\" rel=\"noreferrer noopener\">Zero Trust approach<\/a>&nbsp;based around the tenet: never trust, always verify. It means adopting risk-based authentication at the \u201cperimeter\u201d and then at various stages within a segmented network. Users and devices should be assessed and scored based on their risk profile, which can be calculated from time and location of login, device type, and session behavior. To bolster your organization\u2019s protection from unauthorized access and to ensure&nbsp;<a href=\"https:\/\/www.welivesecurity.com\/en\/business-security\/beyond-checkbox-demystifying-cybersecurity-compliance\/\" target=\"_blank\" rel=\"noreferrer noopener\">compliance with regulations<\/a>, rock-solid&nbsp;<a href=\"https:\/\/www.eset.com\/us\/business\/solutions\/multi-factor-authentication\/?utm_source=welivesecurity.com&amp;utm_medium=referral&amp;utm_campaign=autotagging&amp;utm_content=business-security&amp;utm_term=en\" target=\"_blank\" rel=\"noreferrer noopener\">multi-factor authentication (MFA)<\/a>&nbsp;is also a non-negotiable line of defense.<\/p>\n\n\n\n<p>You should complement this approach with updated&nbsp;<a href=\"https:\/\/www.welivesecurity.com\/en\/business-security\/making-it-stick-get-most-cybersecurity-training\/\" target=\"_blank\" rel=\"noreferrer noopener\">training and awareness programs for employees<\/a>, including real-world simulations using the latest social engineering techniques. Strict policies and tools preventing users from visiting risky sites (where infostealers might lurk) are also important, as is security software on all servers, endpoints and other devices, and continuous monitoring tools to spot suspicious behavior. The latter will help you to detect adversaries that may be inside your network courtesy of a compromised credential. Indeed, organizations also need to have a way of reducing the damage a compromised account can do, for example by following the principle of least privilege. Finally, dark web monitoring can help you check if any enterprise credentials are up for sale on the cybercrime underground.<\/p>\n\n\n\n<p>More broadly, consider enlisting the help of an expert third party via a managed detection and response (MDR) service. especially if your company is short on resources. In addition to lower total cost of ownership, a reputable MDR provider brings subject-matter expertise, round-the-clock monitoring and threat hunting, and access to analysts who understand the nuances of credential-based intrusions and can also accelerate incident response if compromised accounts are detected.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Why break a door down and set the house alarm off when you have a key and a code to walk in silently? This is the rationale behind a trend in cybersecurity where adversaries are increasingly looking to steal passwords, and even authentication tokens and session cookies to bypass MFA codes so they can access<\/p>\n","protected":false},"author":5,"featured_media":7604,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[215,148,153,165,167,363,173],"tags":[],"class_list":["post-7586","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-andmepuuk","category-cybersecurity","category-hacking","category-phishing","category-privacy","category-vulnerability","category-windows"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.2 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Are cybercriminals hacking your systems \u2013 or just logging in? - ESET Eesti Blogi<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.eset.ee\/et\/en\/2025\/11\/19\/are-cybercriminals-hacking-your-systems-or-just-logging-in\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Are cybercriminals hacking your systems \u2013 or just logging in?\" \/>\n<meta property=\"og:description\" content=\"Why break a door down and set the house alarm off when you have a key and a code to walk in silently? This is the rationale behind a trend in cybersecurity where adversaries are increasingly looking to steal passwords, and even authentication tokens and session cookies to bypass MFA codes so they can access\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.eset.ee\/et\/en\/2025\/11\/19\/are-cybercriminals-hacking-your-systems-or-just-logging-in\/\" \/>\n<meta property=\"og:site_name\" content=\"ESET Eesti Blogi\" \/>\n<meta property=\"article:publisher\" content=\"http:\/\/www.facebook.com\/antiviirus\" \/>\n<meta property=\"article:published_time\" content=\"2025-11-19T07:39:26+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-11-19T07:39:33+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blog.eset.ee\/wp-content\/uploads\/2025\/11\/cyber.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1097\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"ESET Blog\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"ESET Blog\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/11\\\/19\\\/are-cybercriminals-hacking-your-systems-or-just-logging-in\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/11\\\/19\\\/are-cybercriminals-hacking-your-systems-or-just-logging-in\\\/\"},\"author\":{\"name\":\"ESET Blog\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#\\\/schema\\\/person\\\/876cf293277fc0b2ae2f4395fffe4c88\"},\"headline\":\"Are cybercriminals hacking your systems \u2013 or just logging in?\",\"datePublished\":\"2025-11-19T07:39:26+00:00\",\"dateModified\":\"2025-11-19T07:39:33+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/11\\\/19\\\/are-cybercriminals-hacking-your-systems-or-just-logging-in\\\/\"},\"wordCount\":1056,\"image\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/11\\\/19\\\/are-cybercriminals-hacking-your-systems-or-just-logging-in\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blog.eset.ee\\\/wp-content\\\/uploads\\\/2025\\\/11\\\/cyber.png\",\"articleSection\":[\"andmep\u00fc\u00fck\",\"cybersecurity\",\"hacking\",\"phishing\",\"privacy\",\"vulnerability\",\"windows\"],\"inLanguage\":\"en-US\",\"copyrightYear\":\"2025\",\"copyrightHolder\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/11\\\/19\\\/are-cybercriminals-hacking-your-systems-or-just-logging-in\\\/\",\"url\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/11\\\/19\\\/are-cybercriminals-hacking-your-systems-or-just-logging-in\\\/\",\"name\":\"Are cybercriminals hacking your systems \u2013 or just logging in? - ESET Eesti Blogi\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/11\\\/19\\\/are-cybercriminals-hacking-your-systems-or-just-logging-in\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/11\\\/19\\\/are-cybercriminals-hacking-your-systems-or-just-logging-in\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blog.eset.ee\\\/wp-content\\\/uploads\\\/2025\\\/11\\\/cyber.png\",\"datePublished\":\"2025-11-19T07:39:26+00:00\",\"dateModified\":\"2025-11-19T07:39:33+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#\\\/schema\\\/person\\\/876cf293277fc0b2ae2f4395fffe4c88\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/11\\\/19\\\/are-cybercriminals-hacking-your-systems-or-just-logging-in\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/11\\\/19\\\/are-cybercriminals-hacking-your-systems-or-just-logging-in\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/11\\\/19\\\/are-cybercriminals-hacking-your-systems-or-just-logging-in\\\/#primaryimage\",\"url\":\"https:\\\/\\\/blog.eset.ee\\\/wp-content\\\/uploads\\\/2025\\\/11\\\/cyber.png\",\"contentUrl\":\"https:\\\/\\\/blog.eset.ee\\\/wp-content\\\/uploads\\\/2025\\\/11\\\/cyber.png\",\"width\":1920,\"height\":1097},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/11\\\/19\\\/are-cybercriminals-hacking-your-systems-or-just-logging-in\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Are cybercriminals hacking your systems \u2013 or just logging in?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/\",\"name\":\"ESET Eesti Blogi\",\"description\":\"Uudised IT maailmast\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#\\\/schema\\\/person\\\/876cf293277fc0b2ae2f4395fffe4c88\",\"name\":\"ESET Blog\",\"sameAs\":[\"http:\\\/\\\/eset.ee\"],\"url\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/author\\\/allankinsigo\\\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2025\\\/11\\\/19\\\/are-cybercriminals-hacking-your-systems-or-just-logging-in\\\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"ESET EESTI\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Are cybercriminals hacking your systems \u2013 or just logging in? - ESET Eesti Blogi","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.eset.ee\/et\/en\/2025\/11\/19\/are-cybercriminals-hacking-your-systems-or-just-logging-in\/","og_locale":"en_US","og_type":"article","og_title":"Are cybercriminals hacking your systems \u2013 or just logging in?","og_description":"Why break a door down and set the house alarm off when you have a key and a code to walk in silently? This is the rationale behind a trend in cybersecurity where adversaries are increasingly looking to steal passwords, and even authentication tokens and session cookies to bypass MFA codes so they can access","og_url":"https:\/\/blog.eset.ee\/et\/en\/2025\/11\/19\/are-cybercriminals-hacking-your-systems-or-just-logging-in\/","og_site_name":"ESET Eesti Blogi","article_publisher":"http:\/\/www.facebook.com\/antiviirus","article_published_time":"2025-11-19T07:39:26+00:00","article_modified_time":"2025-11-19T07:39:33+00:00","og_image":[{"url":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2025\/11\/cyber.png","width":1920,"height":1097,"type":"image\/png"}],"author":"ESET Blog","twitter_card":"summary_large_image","twitter_misc":{"Written by":"ESET Blog","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/11\/19\/are-cybercriminals-hacking-your-systems-or-just-logging-in\/#article","isPartOf":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/11\/19\/are-cybercriminals-hacking-your-systems-or-just-logging-in\/"},"author":{"name":"ESET Blog","@id":"https:\/\/blog.eset.ee\/et\/en\/#\/schema\/person\/876cf293277fc0b2ae2f4395fffe4c88"},"headline":"Are cybercriminals hacking your systems \u2013 or just logging in?","datePublished":"2025-11-19T07:39:26+00:00","dateModified":"2025-11-19T07:39:33+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/11\/19\/are-cybercriminals-hacking-your-systems-or-just-logging-in\/"},"wordCount":1056,"image":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/11\/19\/are-cybercriminals-hacking-your-systems-or-just-logging-in\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2025\/11\/cyber.png","articleSection":["andmep\u00fc\u00fck","cybersecurity","hacking","phishing","privacy","vulnerability","windows"],"inLanguage":"en-US","copyrightYear":"2025","copyrightHolder":{"@id":"https:\/\/blog.eset.ee\/et\/#organization"}},{"@type":"WebPage","@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/11\/19\/are-cybercriminals-hacking-your-systems-or-just-logging-in\/","url":"https:\/\/blog.eset.ee\/et\/en\/2025\/11\/19\/are-cybercriminals-hacking-your-systems-or-just-logging-in\/","name":"Are cybercriminals hacking your systems \u2013 or just logging in? - ESET Eesti Blogi","isPartOf":{"@id":"https:\/\/blog.eset.ee\/et\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/11\/19\/are-cybercriminals-hacking-your-systems-or-just-logging-in\/#primaryimage"},"image":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/11\/19\/are-cybercriminals-hacking-your-systems-or-just-logging-in\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2025\/11\/cyber.png","datePublished":"2025-11-19T07:39:26+00:00","dateModified":"2025-11-19T07:39:33+00:00","author":{"@id":"https:\/\/blog.eset.ee\/et\/en\/#\/schema\/person\/876cf293277fc0b2ae2f4395fffe4c88"},"breadcrumb":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/11\/19\/are-cybercriminals-hacking-your-systems-or-just-logging-in\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.eset.ee\/et\/en\/2025\/11\/19\/are-cybercriminals-hacking-your-systems-or-just-logging-in\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/11\/19\/are-cybercriminals-hacking-your-systems-or-just-logging-in\/#primaryimage","url":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2025\/11\/cyber.png","contentUrl":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2025\/11\/cyber.png","width":1920,"height":1097},{"@type":"BreadcrumbList","@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/11\/19\/are-cybercriminals-hacking-your-systems-or-just-logging-in\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.eset.ee\/et\/en\/"},{"@type":"ListItem","position":2,"name":"Are cybercriminals hacking your systems \u2013 or just logging in?"}]},{"@type":"WebSite","@id":"https:\/\/blog.eset.ee\/et\/en\/#website","url":"https:\/\/blog.eset.ee\/et\/en\/","name":"ESET Eesti Blogi","description":"Uudised IT maailmast","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.eset.ee\/et\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.eset.ee\/et\/en\/#\/schema\/person\/876cf293277fc0b2ae2f4395fffe4c88","name":"ESET Blog","sameAs":["http:\/\/eset.ee"],"url":"https:\/\/blog.eset.ee\/et\/en\/author\/allankinsigo\/"},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.eset.ee\/et\/en\/2025\/11\/19\/are-cybercriminals-hacking-your-systems-or-just-logging-in\/#local-main-organization-logo","url":"","contentUrl":"","caption":"ESET EESTI"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/7586","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/comments?post=7586"}],"version-history":[{"count":0,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/7586\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/media\/7604"}],"wp:attachment":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/media?parent=7586"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/categories?post=7586"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/tags?post=7586"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}