Account Takeover (ATO) is when attackers abuse the inherent weaknesses in passwords to hijack an account for their own malicious ends. In an enterprise setting, it covers everything from commandeering email accounts to illicitly accessing collaborative working tools or other SaaS services.
The credentials cyber criminals most commonly seek are those for cloud email services such as Microsoft Office 365. Compromising these gives an attacker a strong foothold for collecting intelligence, socially engineering employees or stealing critical IP emailed to the hijacked account.
ATO is a thorn in the side of enterprise security teams, and it could cost companies worldwide $25bn in 2020.