NSA, Snowden and Privileged Accounts: 17 Years a Threat

March 7, 2014 CyberArk

BusinessWeek recently published a fascinating article, highlighting that seventeen years prior to Ed Snowden releasing documents, analysts were warning the agency against just such an insider threat.

In the 1996 edition of Cryptologic Quarterly, an NSA m­agazine, an unidentified analyst wrote:

In their quest to benefit from the great advantages of networked computer systems, the U.S. military and intelligence communities have put almost all of their classified information ‘eggs’ into one very precarious basket: computer system administrators… A relatively small number of system administrators are able to read, copy, move, alter, and destroy almost every piece of classified information handled by a given agency or organization.  An insider-gone-bad with enough hacking skills to gain root privileges might acquire similar capabilities. It seems amazing that so few are allowed to control so much — apparently with little or no supervision or security audits.”

This was a chilling warning of what many companies have experienced – the specter and threat of privileged account abuse hangs over every company.  The privileged insider/rogue employee has always been the greatest internal threat businesses face.

The problem today has increased exponentially.  Outside cyber-attackers quickly realized that the best way to steal information from a company was to become a privileged insider.  As CyberSheath has pointed out in their own research, 100 percent of all successful advanced attacks are conducted with stolen privileged credentials.

Cyber-attackers have learned the lessons of the threat privileged accounts pose to the enterprise and are using this knowledge against businesses.  It’s time for businesses to listen to their own lessons and catch up to minimize this threat.


Previous Article
Windigo Malware – Coming to a Linux Server Near You
Windigo Malware – Coming to a Linux Server Near You

Two days ago, security firm ESET exposed Windigo, a sophisticated malware attack that has hijacked more tha...

Next Article
CyberArk at #RSAC: Privileged Threat Analytics, DNA and More at Booth #915
CyberArk at #RSAC: Privileged Threat Analytics, DNA and More at Booth #915

As we mentioned earlier this week, the CyberArk team is out in full force at this year’s RSA Conference. Wh...