88 per cent of networks are susceptible to privileged account hacks
11 November 2015
The majority of networks are at risk of compromise through account credential theft and reuse if an attacker manages to access a single privileged account, a new report has found.
Researchers discovered that 88 per cent of networks are susceptible to privileged account hacks which could seriously compromise entire company networks, according to a new report from cyber security firm CyberArk.
Windows was shown to be particularly vulnerable to privileged account hacks, with 40 per cent of Windows hosts potentially leading to a complete compromise if hacked.
These hosts were classified as ‘high risk’ in this context, meaning attackers would be able to penetrate a significant portion of the network by hacking just one privileged account.
Only 12 per cent of networks were considered ‘low exposure’, meaning that fewer than ten per cent of hosts had a high risk of being compromised after an initial breach.
Most privileged account hacks were accomplished through phishing attacks or social engineering methods, which often made it easier for attackers to gain access to most or all other Windows hosts on the same network.
Research also found that if an attacker was able to compromise a server on a mixed-server workstation instead of a single-server workstation, they were ten times more likely to be able to steal credentials belonging to other machines that were using the same network.
The firm has said that the first step for companies towards protecting themselves is to be aware of how many privileged accounts exist on their networks and to form plans that will mitigate their associated risks.
Some strategies recommended by the firm include using privileged local accounts as opposed to privileged domain accounts, implementing one-time passwords and balancing how higher privileges are distributed across organisations.
The full report is available from the CyberArk website.