CyberArk has released a new report identifying the compromise and misuse of privileged accounts as a key signature common among advanced targeted cyber attacks. According to the report, every industry, every company is now a target. Cyber-attackers have broadened their targets, pursuing companies of all sizes, in all industries.
“This is often a means to an end: attackers are frequently after their supply chain partners. Threat investigators have traced attacks to non-traditional targets such as trucking companies and all types of professional services firms, from management consultants and auditors to litigation attorneys, frequently as a key step in an attack on a business partner,” CyberArk said.
Attackers will get inside perimeter security, and the most likely infection point is employees. Phishing attacks are the most common vector and are growing in sophistication, making employee log-ins far easier points of infiltration than network or software exploits, the report added.
Most attacks have been ongoing for 200 days or more before initial detection. Monetary attacks have a much shorter time to detection - typically less than 30 days. Attackers can cover their tracks using privileged accounts to delete log data and other evidence.
Privileged accounts are exploited in almost every targeted cyber attack, the report stated. The threat investigators claim that between 80 and 100 percent of all serious security incidents they’ve investigated featured the “signature” of compromised and exploited privileged accounts in the attack process.
“The risk and security vulnerabilities presented by privileged accounts are much greater than most companies realise. Companies underestimate how many privileged accounts they have and on what systems they reside.” CyberArk’s research demonstrates that organisations today have at least three-to-four times as many privileged accounts as employees.
Security investigators report a range of privileged account exploits, from repeated exploits in service accounts, to embedded devices in the Internet of Things, to establishing multiple identities in Microsoft Active Directory to ensure redundant access points and backdoors, according to the CyberArk report.
“Privileged accounts, which consist of IT administrative credentials, default and hardcoded passwords, application backdoors and more, provide attackers with an ‘all access pass’, enabling them to go where they want, traversing a network without hindrances. These accounts are also critical for attackers to hide their tracks and to exfiltrate data. Once attackers gain privileged access to critical applications and systems, they become exponentially more difficult to stop, heightening the risk of data loss and business damage,” the security company said.


