by John Worrall
CyberArk has talked a lot over the years about how pervasive privileged accounts are, and how powerful privileged access can be. Case in point, Google Glass.
Jay Freeman, a technology consultant was able to gain root level privileges in Google Glass. It provides an excellent example of the power an individual has once they gain access to root level privileges.
According to Jay, as reported by Help Net Security:
“Once the attacker has root on your Glass, they have much more power than if they had access to your phone or even your computer: they have control over a camera and a microphone that are attached to your head. A bugged Glass doesn’t just watch your every move: it watches everything you are looking at (intentionally or furtively) and hears everything you do,” he writes. “The only thing it doesn’t know are your thoughts.”
While there is no “privileged account” in this situation, it is a great example of the how powerful privileged access can be. Keep this in mind as you think about how you are controlling and monitoring privileged account use in your organization. Once an attacker has access to root or admin privileges in your IT infrastructure, they can do serious damage and are very difficult to detect. And privileged access is available throughout your company’s IT infrastructure, your home and even in your eye wear.