Hackers speak: Privileged accounts best way to steal data
FYI, this story is more than a year old
From the mouths of the hackers themselves, organisations’ privileged accounts are the most attractive targets for gaining access to critical data.
Those are the results from Thycotic’s 2017 Black Hat survey, which quizzed more than 250 hackers on their methods of extracting critical data.
32% of hackers said that privileged account access was the primary way to get access to critical data, while 27% said email was the easiest way.
"Given that privileged accounts are prime targets for hackers, IT professionals should consider the opinions of the hackers themselves when it comes to protecting privileged accounts," comments Thychotic’s chief security scientist, Joseph Carson.
73% of hackers also said that perimeter security methods such as firewalls and antivirus products are now irrelevant or obsolete. They no longer provide effective barriers to getting inside networks.
Threat intelligence solutions, reputation feeds and education are also the weakest forms of security protection, according to the hackers.
Instead, 32% said multifactor authentication and 32% said encryption were the biggest obstacles facing hackers today.
"In today's connected world, organisations can no longer rely only on the traditional cybersecurity perimeter controls. The new cybersecurity perimeter must incorporate an identity firewall built around employee and data using Identity and Access Management technology controls which emphasizes the protection of privileged account credentials and enhancing user passwords across the enterprise with multi-factor authentication,” Carson continues.
85% of hackers said people were the primary sources of blame for security breaches, even more than inadequate security and unpatched software.
35% said that changing passwords and remembering new ones was a major source of cybersecurity fatigue.
"With traditional perimeter security technologies considered largely irrelevant, hackers are focusing more on gaining access to privileged accounts and email passwords by exploiting human vulnerabilities allowing the hacker to gain access abusing trusted identities," Carson explains.
"More than ever, it is critical for businesses to mitigate these risks by implementing the right technologies and process to ward off unsuspecting attacks and access to sensitive data."
Last month, Thycotic conducted its first annual State of Cybersecurity Metrics Report. Out of 400 respondents, 58% of organisations scored an ‘F’ or ‘D’ grade in terms of how they measure their cybersecurity investments and performance against best practices.
One in three organisations invested in cybersecurity solutions with no way to measure effectiveness or value.
"It's really astonishing to have the results come in and see just how many people are failing at measuring the effectiveness of their cybersecurity and performance against best practices," Carson notes.
"At a time when threats are escalating and the need for quantifiable metrics are putting security teams and executives under pressure, the 2017 State of Cybersecurity Metrics Report reveals what is actually occurring so that companies can produce assurances, remedy their errors and protect their businesses,” he concludes.