CyberArk Labs: Analyzing Real-World Exposure to Windows Credential Theft Attacks


This paper documents research conducted by CyberArk Labs to investigate real-world exposure to successful credential theft attacks against privileged accounts in Microsoft Windows networks composed of Windows servers and workstations.

The research demonstrated that nearly every organization is at significant risk of compromise through Windows privileged account credential theft and reuse. On average, 40 percent of the Windows hosts on a given network, if compromised, would provide an attacker credentials that would facilitate complete compromise of the vast majority of the other Windows hosts on that network – whether directly or through a series of compromises.

Organizations that are concerned about the risks posed by their Windows privileged accounts are encouraged to adopt the approach used in this research to identify and assess their own potential vulnerabilities, and to utilize proven mitigation strategies.

