Today’s Advanced Persistent Threats and WarGames?
April 2, 2015 | Security and Risk | John Worrall
One of the most well-known hacker movies is WarGames. Given the movie was from the 80s, there are a lot of cringe-inducing scenes – especially when it comes to the hack itself. There’s no way a teenager could hack into the most advanced military weapons in the world, is there?
Sometimes life imitates art, which is why the recent news that the Pentagon’s Chief Weapon’s Tester showed “significant vulnerabilities” to cyber attacks was so disconcerting. This comes more than 30 years after the movie was made…
The tests were conducted across more than 40 of the most advanced military weapon systems, and all of them were found to have profound weaknesses that could be exploited in a cyber attack.
According to the report, “one of the most nagging problems that cyber security faces, no matter how many times they update procedure, are ‘compliance’ problems: human error, unpreparedness and exploits as meager as bad passwords. And once a hacker gets access to a single weak password, it can lead to ‘rapid access and exploitation’ of an entire weapons system.”
This is especially true when the weak password is supposed to secure a privileged account. Cyber attackers covet privileged accounts, because of the broad power and access they provide. The theft and exploitation of these accounts have led to some of the biggest data breaches in the past few years – but they’ve also been at the heart of some of the most the devastating critical infrastructure attacks in recent memory as well.
In the most well-known cyber attack of our time, the default password securing a privileged account on a Siemens PLC was exploited to inject the Stuxnet malware into the network at the Natanz nuclear facility. The destruction caused by the malware was done through an exploit that is common to this day and easily discoverable on the Internet.
Aside from the sheer physical damage that a cyber attack can cause, the vulnerability of our top weapon systems is incredibly scary when you look at how attackers are using these same vulnerabilities to completely take over a targeted company’s infrastructure, as was done in the recent Sony and Sands Hotel attacks. Make no mistake, these attacks were not just about stealing data, they represented the hostile takeover of both companies’ networks.
This is the power of privileged accounts – they provide attackers with an all-access pass to a network, enabling them to go wherever and do whatever they want without hindrance.
Last year, the U.S. Department of Homeland Security published an RFI for Phase 2 of the Continuous Diagnostics and Mitigation (CDM) program focusing on Least Privilege and Infrastructure Integrity. CyberArk addresses multiple requirements in Phase 2 of the CDM program with our Privileged Account Security Solution. We provide more detail on this in our new whitepaper – a ‘must read’ for federal agencies.
To learn more about how to get started on securing privileged accounts and credentials, check out the CyberArk Privileged Account Security Solution.