Top 10 Identity Attack Techniques Used by Hackers

This report catalogs the top ten identity-based attack techniques used by adversaries—ranging from phishing and credential stuffing to Kerberoasting, Golden/Silver ticket forgeries, DCSync, and SIM swapping—illustrating each technique with real-world incidents (e.g., Scattered Spider/Marks & Spencer, Peach Sandstorm, Tycoon 2FA, ShinyHunters, Akira, Storm-0501, SVR/SolarWinds) and emphasizes that stolen credentials, session tokens, and identity-layer compromises remain the primary vector for major ransomware, espionage, and data theft campaigns; it recommends phishing-resistant MFA, conditional access, hardened AD hygiene, and identity threat detection as mitigations.