Today we unveiled the findings from our 2015 Global Advanced Threat Landscape Survey. Now in its ninth year, this report pinpoints cyber security trends and emerging risks based upon a compilation of interviews with 673 IT security and C-level executives from organizations around the globe.
The primary takeaway is clear: Cyber attacks that exploit privileged and administrative accounts – the credentials used to manage and run an organization’s IT infrastructure – represent the greatest enterprise security risks today.
While we encourage you to read the full, free report, here’s our take on some of the key findings:
More than a Data Breach – Complete Network Takeover
The majority of respondents (61 percent) cited privileged account takeover as the most difficult stage of a cyber attack to mitigate, up from 44 percent in last year’s study. Awareness of this security risk has increased and for good reason. High profile attacks on Sony Pictures, the U.S. Office of Personnel Management (OPM) and others illustrate how, with privileged credentials in-hand, attackers can exfiltrate sensitive data or conduct a hostile takeover of network infrastructure. This new reality highlights the threat of privileged account hijacking within the enterprise, yet many organizations still struggle to identify and locate privileged accounts across their networks. If they can’t find them, how can they protect them?
Corporate Confidence and a False Sense of Data Security
Despite mounting evidence to the contrary, 44 percent of respondents continue to believe they can keep motivated attackers off the network or reasonably discover them once they’ve infiltrated an organization. This confidence is misplaced. Today, it is no longer acceptable for organizations’ security programs to presume they can keep attackers off their network. They must adopt the mindset that the attacker has already made it inside.
Organizations Fail to Recognize Emerging Threats Inside the Network
When asked to rank the type of attacks they were most concerned about, many respondents pointed to perimeter attacks, such as phishing (70 percent), as their primary concern. There was less awareness about potentially devastating compromises that happen within the network, such as Pass-the-Hash and Kerberos attacks, including Golden Ticket that can enable complete control over a target’s network by taking over the domain controller. It’s time for business and IT leaders to turn their focus to what can be done to stop attackers once they are inside the network and recognize that phishing and other unsophisticated means of attack will happen, and they will be successful.
Today’s most damaging attacks occur when attackers steal privileged and administrative credentials and gain the same level of access as the internal people managing the systems. This puts an organization at the mercy of an attacker’s motivation, be it financial, espionage or causing harm to the business. With ongoing education and increasing awareness about the devastating fallout of privileged account takeover, there is an accelerated shift in the industry’s security mentality.
To learn more, download the 2015 Global Advanced Threat Landscape Survey at https://www.cyberark.com/ThreatSurvey2015.