Adversaries can impersonate a user without their knowledge
Stolen credentials can be used by an adversary to circumvent security measures which an organisation has implemented to protect sensitive information and services. With these legitimate credentials, an adversary can impersonate a user without their knowledge.
With legitimate credentials, an adversary can use remote access solutions to mask their activities and avoid detection. Failure to regularly audit logs from remote access solutions increases the risk and extent of a compromise.
While multi-factor authentication provides an additional layer of security, some implementations are more effective than others. Multi-factor authentication that has not been implemented or configured properly can result in a false sense of security and leave an organisation vulnerable.