Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Identity & Access

Organizations Underestimate The Dangers of Privileged Accounts: Survey

Organizations underestimate how cyber-attackers can take advantage of privileged accounts for malicious purposes, according to a new survey.

Organizations underestimate how cyber-attackers can take advantage of privileged accounts for malicious purposes, according to a new survey.

Despite the risks, half of the organizations in Cyber-Ark Software’s global IT security survey admitted to sharing passwords to privileged accounts among “approved” users. The problem was more widespread in larger enterprises, with 56 percent acknowledging the password sharing compared to 47 percent in smaller enterprises.

“Organizations are having a difficult time understanding the magnitude of this security problem in their environments because privileged accounts exist everywhere,” said John Worrall, chief marketing officer of Cyber-Ark.

Cyber-Ark estimated that organizations generally have privileged accounts three to four times the number of employees. However, when asked, 86 percent of large enterprise organizations either did not know or “grossly underestimated” the magnitude of their privileged account security problem, saying they had only one privileged account per employee.

“That means at least 2 out of every 3 privileged accounts in these organizations are either unknown or unmanaged,” according to the survey.

Privileged accounts include superuser and administrative accounts, default and hardcoded passwords, and application backdoors. Mandiant’s APT1 report earlier this year highlighted how attackers are going after domain administrators, service accounts with domain privileges, local administrator accounts, and other privileged user accounts. They provide direct access to the organization’s most sensitive data, but organizations continue to have a difficult time identifying and managing these critical vulnerabilities, Cyber-Ark said.

While 63 percent of the respondents were able to identify where privileged accounts can be found, the remaining were not aware that networked devices such as copiers and printers posed a risk if their passwords were not managed. Many organizations are not aware that unsecured access points can pose a threat to sensitive corporate data and systems.

Even though privileged accounts are increasingly being targeted in advanced enterprise attacks, organizations are not implementing best practices around privileged accounts, Cyber-Ark found. A recent CyberSheath report found that theft, misuse, and exploitation of privileged accounts was a “key tactic” in advanced persistent threat and other targeted attack campaigns.

The recommended practice is to change passwords for these accounts, at most, every 90 days. In the survey, 82 percent of respondents said they had processes in place for regularly changing passwords, but 53 percent of enterprises said they take 90 days or longer to change them. About 76 percent said they took 60 days or longer.

Recent attacks may be a sign that waiting 90 days is too long, Cyber-Ark said.

“It has become clear that privileged accounts are a priority target for cyber-attackers – every new report highlights this, and every new attack reveals the privileged pathway the attackers are travelling,” Worrall said.

Organizations need to identify where privileged accounts exist, control access to them, and monitor exactly what is being done with them, Cyber-Ark recommended. By automating the processes, organizations would be able to consistently enforce controls and manage risk more effectively, Worrall said.

The Privileged Account Security & Compliance Survey examined responses from 236 IT managers and C-level professionals at large enterprises across North America and Europe.

Written By

Click to comment

Expert Insights

Related Content

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Identity & Access

Strata Identity has raised $26 million in a Series B funding round led by Telstra Ventures, with additional investment from Forgepoint Capital, Innovating Capital,...

Application Security

Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Funding/M&A

Identity and access governance vendor Saviynt has closed a $205 million financing round.