Research examines real-world networks’ exposure to credential theft attacks

Research provides insights into cyber attacks that abuse hijacked privileged credentials to compromise enterprise security.

  • 9 years ago Posted in
Research from CyberArk Labs has found that, on average, 40 percent of network machines can provide cyber attackers with credentials enabling them to start an attack which could compromise an organisation’s entire network.
The report, “Analysing Real-World Exposure to Windows Credential Theft Attacks,” explores data from more than 50 networks to identify the prevalence and risk of what are referred to as “highly threatening machines.”  These machines are Windows-based workstations or servers that hold sufficiently privileged credentials that enable the attacker to compromise other machines and privileged accounts, culminating in a broad network compromise.  In fact, 88 percent of the networks scanned were found to be significantly susceptible to compromise through privileged account credential theft or abuse.
“In a given network, there are typically a number of highly threatening machines that can give an attacker the credentials needed to completely compromise the majority of Windows hosts on the network,” said Andrey Dulkin, director of cyber innovation at CyberArk Labs.  “We’ve seen similar credential theft methods as the basis for major attacks across a number of organisations.  Identifying these machines and securing the associated privileged credentials against theft and exploitation is a critical step in securing against advanced cyber attacks.”
In this research, CyberArk Labs details:
  • Various credential abuse methods – including Pass-the-Hash, Overpass-the-Hash and other Kerberos attacks;
  • The types of privileged accounts that pose the most danger to organisations – such as privileged user accounts and privileged service accounts;
  • The effectiveness of specific mitigation strategies that can significantly lower the risk across different network types. 
Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...