Cyber attacks that exploit weak privileged identity management represent a constant threat to enterprises – especially during periods of business disruption when many teams are working remotely. With IBM Security Verify Privileged Vault (formerly IBM Secret Server) you can gain tight control over privileged resources without driving cost and complexity.
Cyber security threats burst onto the scene
In the 1990s, the digital revolution kicked into a new gear, as enterprises across all industries and geographies began to infuse their business processes with data-driven systems. Over the last three decades, the trend has only intensified—and today, digital devices are essential equipment for billions of people across the global workforce.
As digital services took off, a new generation of criminals quickly turned their attention to exploiting them. While cyber criminals’ methods have varied considerably since the birth of the internet, the growing connectivity and complexity of the digital landscape has made attacks that exploit privileged accounts one of the most tempting—and rewarding—targets.
Weak PAM security, high-profile targets
Over the last ten years, privilege escalation attacks have hit some of the world’s largest organisations and most recognisable brands: from the New York Times and Washington Post to the U.S. National Security Agency and Department of Energy. One of the most spectacular examples of the phenomenon came in 2013, when hackers broke into the payment systems of major U.S. retailer Target.
In an attack analogous to a famous scene in 1996’s Mission: Impossible in which Tom Cruise abseils down to access a computer from an air duct in the ceiling of a secure vault, hackers discovered that the company that provided heating, ventilation, and air conditioning (HVAC) services to all Target stores had been granted external network access.
Multi-million-dollar losses
The intention was to allow the HVAC company to manage and maintain their climate-control software, which in turn allowed Target to maintain comfortable temperatures for customers while optimising its spend on energy outside of opening hours. But what Target’s network administrators hadn’t foreseen was that the HVAC company’s network access was a wide-open door to the retailer’s mission-critical back-end systems.
Within a matter of days after they discovered the exploit, hackers had already deployed malware to the majority of Target’s point-of-sale systems, which began skimming credit-card records from millions of customer transactions. Over a period of little under a month, the attackers lifted approximately 40 million debit- and credit-card details from Target stores across the country—a breach that ultimately cost the company over $200 million.
Don’t bury your head in the sand
For many businesses, it’s all too easy to ignore the very real threat posed by privilege escalation attacks like the one that Target suffered. However, when you consider that recent research by teiss revealed that as many as 55 percent of companies surveyed had no idea how many privileged accounts were even in use across their business, the need for action becomes stark.
Adding to this challenge is the fact that only half of privileged accounts are deprovisioned when no longer needed. There’s an old saying that security through obscurity is no security at all—and yet, many enterprises leave wide-open attack surfaces that are just waiting for attackers to exploit. The situation becomes all the more urgent during periods of business disruption, in which increasing numbers of employees are working from home, potentially on less secure devices that fall outside of the control of the corporate IT department.
Take back control with Northdoor
So how can your business take back control of privileged access and avoid becoming the next Target? Today’s IT infrastructures are larger and more complex than ever, and the corporate IT system may include a mixture of on-premises and public-cloud platforms. To identify and manage privileged accounts effectively without sending cost and complexity spiralling out of control, an automated approach is critical.
For more than three decades, Northdoor has helped businesses of all sizes to protect their IT systems from cyber attack. Northdoor specialises in deployments of IBM Security Verify Privilege Vault (formerly IBM Security Secret Server) – a Privileged Access Management (PAM) solution that makes it easy to identify and secure all service, application, administrator, and root accounts across the enterprise.
Available on-premises or in the cloud, IBM Security Verify Privilege Vault (formerly IBM Security Secret Server) uses continuous discovery to surface immediate, actionable insights into potential PAM risks across the entire IT landscape, including public, private and hybrid-cloud systems. Expert consultants from Northdoor can help you deploy IBM Security Verify Privilege Vault within as little as three days, giving you the peace of mind that your business is well-protected against privilege escalation attacks—even during periods of business disruption.