“The Compromise of Privileged Accounts was a Crucial Factor in 100% of APTs”: CyberSheath Releases the First APT//Privileged Accounts Research Report

by John Worrall

This week the CyberArk team is excited to announce the availability of an important and revealing new research report: “APT Privileged Account Exploitation.” This is the first IT security industry report that truly highlights the distinct connection between the misuse of privileged accounts and Advanced Persistent Threats (APTs). While we have been warning organizations of this connection for some time now, this report brings to light the severity of the situation and the frequency of the “privileged connection” in significant and newsworthy cyber attacks.

To compile this comprehensive research report, CyberSheath’s advanced security investigations team interviewed CISOs and security professionals at organizations that collectively have more than $40 billion in annual revenues and more than 170,000 employees around the globe. They combined the results of those interviews with the analysis of several high-profile cyber attacks (including South Carolina Department of Revenue, The University of Georgia, the NASA Jet Propulsion Library, Red October and more) with related industry research to reach their revealing results. The report found that in 100% of these advanced attacks – privileged accounts were compromised. If the data from this report isn’t a wake up call for organizations, then we don’t know what is. As you will also read, attacks that leveraged these accounts were found to be more difficult to detect and stop, as well as more damaging and expensive to fix.

CyberSheath also provided best practices for organizations to follow that we here at Cyber-Ark couldn’t be more supportive of—including the requirement to implement the right tools to isolate, monitor and control every access point to all critical business systems, as well as secure, manage, and automatically log all activities associated with administrative and privileged accounts.

We have two versions of the report available based on your interest: one for business leaders and one for security operations pros.




Keep up-to-date on security best practices, events and webinars.

Share This