Menu
​Compromise inevitable as CyberArk uncovers real-world network exposures

​Compromise inevitable as CyberArk uncovers real-world network exposures

“In a given network, there are typically a number of highly threatening machines that can give an attacker the credentials needed to completely compromise the majority of Windows hosts on the network."

Comments

Over 40 percent of network machines can provide cyber attackers with credentials enabling them to start an attack which could compromise an organisation’s entire network.

CyberArk findings - Analysing Real-World Exposure to Windows Credential Theft Attacks - explores data from more than 50 networks to identify the prevalence and risk of what are referred to as “highly threatening machines.”

These machines are Windows-based workstations or servers that hold sufficiently privileged credentials that enable the attacker to compromise other machines and privileged accounts, culminating in a broad network compromise.

According to CyberArk - represented in New Zealand by Connector Systems - 88 percent of the networks scanned were found to be significantly susceptible to compromise through privileged account credential theft or abuse.

“In a given network, there are typically a number of highly threatening machines that can give an attacker the credentials needed to completely compromise the majority of Windows hosts on the network,” says Andrey Dulkin, Director of Cyber Innovation, CyberArk Labs.

“We’ve seen similar credential theft methods as the basis for major attacks across a number of organisations.

“Identifying these machines and securing the associated privileged credentials against theft and exploitation is a critical step in securing against advanced cyber attacks.”

Follow Us

Join the ARN newsletter!

Error: Please check your email address.

Tags securityCyberArk

iasset.com is a channel management ecosystem that automates all major aspects of the entire sales, marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.

Show Comments