Imagine you’re a hacker. You want access to a specific company’s systems. Maybe you want to gain access to the IT infrastructure, maybe you want to change permissions to allow external communications, or maybe you want customer credit cards and personal information. What’s the easiest way to achieve your goal?
If you’re thinking about the network perimeter or some convoluted zero-day attack, think again. As a hacker, unprotected privileged accounts are your keys to the corporate IT kingdom, and they’re shockingly easy to gain access to.
It’s a fact: access to privileged accounts is an essential part of the modern hacker’s toolbox. Unprotected privileged accounts give hackers the means to access an organizations’ most sensitive assets— from financial information to customer records—with ease.
In fact, 45 percent of hackers called privileged accounts a “favorite target,” according to a recent survey of 201 hackers conducted by privileged password management firm Thycotic at the Black Hat USA 2015 conference. To some, that may not seem like much, but 45 percent is higher than most congressmen’s approval ratings, and when you consider the sheer damage that one breach can cause, having 45% of hackers knocking at your back door is no picnic.
And, as mentioned above, accessing that “favorite target” is a lot simpler than whipping up a complex zero-day attack, which can take months or even years to develop.
Complimentary Whitepaper: A Practical Path to Unified Identity Across Cloud, Data Center, and Mobile.
- Best practices for identifying and addressing a fractured identity environment.
- How to address identity management in the cloud.
94 percent of hackers surveyed had seen privileged credentials in unprotected files such as spreadsheets while just six percent reported never having seen unprotected privileged identities. That’s a huge disparity, and it’s one that could cost those businesses with looks privilege management a lot of money.
According to the 2015 Cost of Data Breach Study: Global Analysis report from IBM and the Ponemon Institute, the average cost of a data breach is $3.79 million, while the average cost per lost or stolen record is $154.
Beyond stumbling upon them in an unprotected spreadsheet, accessing privileged accounts in an unmanaged system can be as simple as phishing credentials from executives and IT staff, or even just guessing passwords.
Once access is gained, cybercriminals can look like any other employee in your organization, and may spend months—possibly years—planning an attack whilst gaining access to more and more systems, according to Eric Chiu, Co-Founder and President of cloud security firm Hytrust.
“Once cybercriminals have control of a privileged user’s credentials, they can move around at will in most companies,” says Chiu.
According to a recent survey from security firm CyberArk, hacked privileged accounts play a role in 80 percent of targeted attacks.
Complementary Whitepaper: Protecting Privileged Accounts from Abuse
- Identify the advantages and risks of High-Privilege Access
- Assure security compliance
- Learn to better manage privileged identities
These kinds of attacks are only becoming more prevalent, in fact, a recent survey by security firm BeyondTrust found that 84 percent of IT decision makers believed organizational risk from privileged users would increase in the next few years, but, despite this, many had no tools or processes in place to block privilege abuse.
“It’s evident that traditional security approaches are failing to stop advanced attacks,” says Chiu. “Organizations must take a fresh look at their internal security systems, processes, and people and put controls in place to protect these privileged accounts”
The bottom line, says Chiu, is that companies need to shift from the “inside out” model of network security and operate on the assumption that the bad guys are already on their network.
Interested in learning more about Identity Management? Check out these additional resources:
- 17 Cybersecurity Podcasts You Should Listen to in 2020 - January 3, 2019
- What’s Changed: Gartner 2017 Magic Quadrant for Identity Governance and Administration (IGA) - January 28, 2018
- Crossmatch Integrates Keyboard Capture to Identity Management Software - November 27, 2017