Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

Being Privilege Ready in Today’s Threat Environment

May 23, 2018

  • Blog
  • Archive
Over the past couple decades, the likelihood of any given organization suffering a cybersecurity breach has advanced from unlikely to probable. And, when a breach happens to your organization, it’s probable that one of your users will be a key contributor – either through intentional, nefarious actions, or more likely at the hands of an external attacker who exploits the user’s workstation and hijacks their privileges to gain network access.

The Attack Chain: Breaking Traditional Boundaries

The attack chain today frequently consists of three steps:
  1. Perimeter Hacking: The attacker exploits asset vulnerabilities via drive-by downloads, phishing, direct hacking, etc.
  2. Privilege Hacking and Escalation: The attacker highjacks privileges via exploits and phishing, or leverages stolen/cracked passwords.
  3. Lateral Movement & Exfiltration: The attacker leverages privileges, passwords and exploits to compromise other resources.
By default, most organizations focus primarily on the perimeter of their network, adopting a fortress mentality – build a big, thick wall and sit safely behind it. This tends to be a binary solution, the wall either works or it doesn’t. And, hackers are adept at finding the weak brick to gain entry, or, in the case of a rogue insider, simply starting inside the wall.

The One-Two Punch: Vulnerabilities and Privileges

In a recent survey conducted by BeyondTrust, almost 20% of respondents reported seeing attacks on their networks that combined vulnerability exploitation with the use of privilege to move laterally across their systems. When we see the Verizon Data Breach Investigation Report revealing that vulnerabilities discovered in the 1990s are still being exploited, it’s clear that we need to get better at vulnerability assessment and remediation. The risk is clearly compounded when we also consider that over 30% of organizations surveyed reported that it was common for users to be running as admins. While organizations are increasingly prioritizing vulnerabilities with known exploits, privileged access management needs to be put on equal footing. Implementing an effective privileged access management (PAM) solution is critical to protecting your environment from both external and internal cyberthreats. In our new white paper, “5 Steps to Being Privilege Ready in Today’s Threat Environment,” we discuss how to accomplish just that. For a condensed “how to” on privilege readiness, also be sure to check out the infographic at the end of this blog.

Why Privilege Readiness Is Essential Today

The risk from a user running as an administrator isn’t limited to the potential exploitation by a hacker, it also includes the impact of mistakes made by that user. A standard user opening a phishing email or inadvertently causing ransomware to run on their system is limited by the user’s access privileges. The user won’t be able to modify critical system files, write data too much of their hard disk, or stop monitoring and management tools. They also wo n’t be able to extract password hashes from the local system caches, eliminating the risk of pass-the-hash (PtH) – one of a hacker’s primary methods to move across the network. Over 80% of the known vulnerabilities in Windows require the logged in user to be an Administrator (or equivalent) to be useful to a hacker. Ransomware relies on users having access to lots of data directly to ensure the impact of the malware is large enough to make companies pay the ransom, a standard user account can be completely frustrating for the hackers. By controlling and limiting the amount of privilege that users have, you mitigate the impact from external attackers as well as from internal mistakes. Clicking on the wrong button, deleting the wrong file(s), or installing risky software (both for malware and license management) can cause untold delays and outages in your network.

Brian Chappell

Director, Product Management

Brian has more than 25 years of IT and cybersecurity experience in a career that has spanned niche system integrators, PC and Software vendors, and high-tech multi-nationals. He has held senior roles in both the vendor and the enterprise space in companies such as Amstrad plc, BBC Television, GlaxoSmithKline, and BeyondTrust. At BeyondTrust, Brian leads the Product Management of the flagship Password Safe product globally, ensuring the delivery of a world-class, industry-leading Privileged Password and Session Management solution. Brian can also be found speaking at conferences, authoring articles and blog posts, as well as providing expert commentary for the world press.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Webcasts | February 09, 2021

Customer Webinar: Remote Support 21.1 Released!

Webcasts | February 24, 2021

Your PAM 2021 Blueprint: Securing Privileged Accounts for On-Premises and Cloud Assets

Whitepapers

Evolving Privileged Identity Management (PIM) In The 'Next Normal'

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.