Move on Commander
When conducting post-mortem analysis, it becomes apparent that today’s breaches are not highly sophisticated. Cybercriminals no longer hack into enterprise networks; they don’t need to. They target the weakest links and simply log in using stolen or otherwise compromised credentials. Only when the weakest link is difficult again, a skilled attacker will revert to traditional methods of network intrusions.
However, once inside the target network, criminals expand their attack and move laterally across the network, hunting for privileged accounts and credentials that help them gain access to the organization’s most critical infrastructure and sensitive data. It only takes one compromised credential to potentially impact millions — whether it’s millions of individuals or millions of dollars and it occurs rapidly. To think of Lockheed Martins Cyber Kill Chain methodology, a skilled attacker will outsmart you.
Undeniably, identities and the trust we place in them, are being used against us. Identity has become an Achilles heel for cyber-security practitioners. Over 80 percent of security breaches involve privileged credentials according to Forrester Research. According to Gartner, 65 percent of enterprises allow for the unrestricted, unmonitored, and shared use of privileged accounts. The easiest way for cyber-attackers to gain access to sensitive data is by compromising a user identity, identity then provides a driving principle for Zero Trust in which users, service accounts, IoT devices, etc. If a stolen identity belongs to a privileged account that has broader access, the potential for damage is much worse.