White Paper: The Role of Privileged Accounts in High Profile Breaches

WP-RolePrivActHighProfleBreaches-iconAs we examine a cross-section of recent high-profile, targeted, advanced cyber attacks, all indicators demonstrate that our patient and persistent adversaries have recycled many of the same tactics that they have successfully leveraged in years past. While new and sophisticated malware variants were continually developed to exploit systems in 2013, criminals, hacktivists and advanced attacks continued to do the most damage by exploiting privileged accounts to exfiltrate data. Three themes related to privileged accounts emerged in 2013 as recurring security challenges for organizations of all sizes:

  • Proliferation of local administrator accounts across the enterprise, often all sharing the same password
  • Excessive use of privileged service accounts with passwords that never expire and the ability to log on interactively
  • Lack of accountability around privileged account use