Story image

Hackers speak: Privileged accounts best way to steal data

25 Aug 17

From the mouths of the hackers themselves, organisations’ privileged accounts are the most attractive targets for gaining access to critical data.

Those are the results from Thycotic’s 2017 Black Hat survey, which quizzed more than 250 hackers on their methods of extracting critical data.

32% of hackers said that privileged account access was the primary way to get access to critical data, while 27% said email was the easiest way.

"Given that privileged accounts are prime targets for hackers, IT professionals should consider the opinions of the hackers themselves when it comes to protecting privileged accounts," comments Thychotic’s chief security scientist, Joseph Carson.

73% of hackers also said that perimeter security methods such as firewalls and antivirus products are now irrelevant or obsolete. They no longer provide effective barriers to getting inside networks.

Threat intelligence solutions, reputation feeds and education are also the weakest forms of security protection, according to the hackers.

Instead, 32% said multifactor authentication and 32% said encryption were the biggest obstacles facing hackers today.

"In today's connected world, organisations can no longer rely only on the traditional cybersecurity perimeter controls. The new cybersecurity perimeter must incorporate an identity firewall built around employee and data using Identity and Access Management technology controls which emphasizes the protection of privileged account credentials and enhancing user passwords across the enterprise with multi-factor authentication,” Carson continues.

85% of hackers said people were the primary sources of blame for security breaches, even more than inadequate security and unpatched software.

35% said that changing passwords and remembering new ones was a major source of cybersecurity fatigue.

"With traditional perimeter security technologies considered largely irrelevant, hackers are focusing more on gaining access to privileged accounts and email passwords by exploiting human vulnerabilities allowing the hacker to gain access abusing trusted identities," Carson explains.

"More than ever, it is critical for businesses to mitigate these risks by implementing the right technologies and process to ward off unsuspecting attacks and access to sensitive data."

Last month, Thycotic conducted its first annual State of Cybersecurity Metrics Report. Out of 400 respondents, 58% of organisations scored an ‘F’ or ‘D’ grade in terms of how they measure their cybersecurity investments and performance against best practices.

One in three organisations invested in cybersecurity solutions with no way to measure effectiveness or value.

"It's really astonishing to have the results come in and see just how many people are failing at measuring the effectiveness of their cybersecurity and performance against best practices," Carson notes.

"At a time when threats are escalating and the need for quantifiable metrics are putting security teams and executives under pressure, the 2017 State of Cybersecurity Metrics Report reveals what is actually occurring so that companies can produce assurances, remedy their errors and protect their businesses,” he concludes.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.