Happy 4th of July 2019!
As we, in America, celebrate our Independence Day this Thursday, we have tons to be thankful for, including all the freedom we embrace—from travel, to speech, and all the rights granted by our Constitution. We can scarcely imagine that our founding fathers could have predicted the rise of the Digital Age and how much we depend today on technology to express and secure our freedom and independence in 2019. With tech tools from smartphones to applications that can summon up almost any piece of information instantly, we have truly gained our independence to learn, ask questions, and watch as many cat videos as we desire.
While we’re enabled by technologies to explore and enjoy this relatively new sphere of independence, in some ways these freedoms are very fragile, as they can all be easily jeopardized by a host of threat actors. We have witnessed this from nation-state cyberattacks, and even election meddling performed by foreign agents. Currently, the top cybersecurity threat to our freedom comes from privileged attack vectors. We need to take the proper steps so we can declare our independence from these risks and safeguard our freedoms for years to come.
So, what are privileged attack vectors?
Privileged attack vectors are the risks associated with poor privileged account and access management. The attack vectors include the techniques that threat actors leverage to compromise an environment, and the defensive measures that organizations must adopt to protect against a breach. This includes protecting against lateral movement, improving the ability to detect malicious privileged activity, and establishing secure remote access sessions to ensure no one is harming an organization’s data or its liberty.
Traditionally, threat actors have targeted the perimeter network, but, in recent years, efforts have refocused on the path of least resistance: users and their privileges. The core essentials of our freedom – people and their rights.
Modern Technologies Expand the Cyber Threat Surface
In years past, an entire enterprise might be adequately managed through just a handful of credentials. Today’s environmental complexity means privileged credentials are needed for a vastly expanding universe of different account types (from domain admin and sysadmin to workstations with admin rights), operating systems (Windows, Unix, Linux, etc.), directory services, databases, applications, cloud instances, networking hardware, Internet of Things (IoT), social media, and more. Without proper management and security controls, these privileged credentials pose a significant risk from external hackers and insider threats.
The volume and frequency of privilege-based attacks continue to increase and test the limits of existing security controls and solution implementations. Why? Because it is the easiest current method to steal and inflict damage to the independence we have for our systems, applications, and resources we have developed to date.
There is no single, silver bullet to defend against all threat vectors and stages of an attack. And while some new and innovative solutions will help protect against or detect the initial infection, no solution is guaranteed to stop 100% of malicious privileged activity.
So, to safeguard our independence and ensure our freedoms on this 4th of July and beyond, focus your attention on how to mitigate privileged attack vectors by:
- Protecting identities, accounts, credentials, passwords, and exploits from being leveraged and escalated during a privileged attack
- Implementing defensive and auditing strategies to mitigate the threats and risk
- Building a privileged access management plan to help embrace a journey of independence from privileged accounts within your organization—remove admin rights wherever possible and enforce least privilege.
- Learning what considerations are required for a successful declaration of privileged access management within your organization and the deployment and scope, including risk, auditing, regulations, and oversight needed to establish your freedom.
Cyberattacks are widely expected to continue to increase in volume and sophistication—and in ways that genuinely threaten our freedoms. It is not a matter of if, but when, your organization will be tested and attacked.
BeyondTrust can help your organization revolutionize its privileged access security and win its freedom from the risks of privileged accounts and privileged attack vectors. For more information, contact us today.
Morey J. Haber, Chief Security Officer, BeyondTrust
Morey J. Haber is the Chief Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored three books: Privileged Attack Vectors, Asset Attack Vectors, and Identity Attack Vectors. He is a founding member of the industry group Transparency in Cyber, and in 2020 was elected to the Identity Defined Security Alliance (IDSA) Executive Advisory Board. Morey currently oversees BeyondTrust security and governance for corporate and cloud based solutions and regularly consults for global periodicals and media. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition where he served as a Product Owner and Solutions Engineer since 2004. Prior to eEye, he was Beta Development Manager for Computer Associates, Inc. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.