What has changed is the environment in which those credentials are being tested. Recent internet outages and service outages have shown how quickly access controls can be affected when systems are under pressure. At these times, authentication processes may not work as intended, visibility is reduced, and additional verification steps are more likely to be delayed or bypassed. This creates an opening for attackers to exploit weak or compromised credentials, allowing them to gain easier access and move across systems with less resistance. From there, attacks like phishing, ransomware, data exfiltration, and remote access abuse can rapidly scale, often accelerated by AI.
