|
Mismanaged Privileged Accounts: A New Threat To Your Sensitive Data
by Chris Stoneff |
|
In mid-October the USCC congressional commission gave IT professionals an early Halloween scare with its report on an emerging cyber warfare threat. The 88 page document, compiled by a team at Northrop Grumman, presents in unsettling detail the anatomy of a 2008 attack on a US company’s IT infrastructure that succeeded in providing at least some measure of sensitive data to overseas spies. The report makes this gloomy assessment:
“US government and private sector information, once unreachable or requiring years of expensive technological or human asset preparation to obtain, can now be accessed, inventoried, and stolen with comparative ease using computer network operations tools.”
The USCC report details how overseas agents use a multi –faceted approach to create potent cyber attacks. First, they combine zero-day exploits they develop in-house with clever social engineering to deliver malicious payloads onto target systems with surprising consistency.
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | ||
 |
Improving Software Quality to Drive Business Agility | |
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | ||
Once a single computer is compromised, the intruders leapfrog from system to system, compromising “highly sensitive privileged accounts” throughout the organization until the infrastructure is mapped and its most valued information can be extracted quickly enough to render conventional safeguards powerless. The report sums it up by saying,
“These operators exploit this reactive defense model and they have the resources necessary to develop and exploit previously unknown vulnerabilities that are often missed by signature-based IDS/IPS and endpoint protection software.”
With no end in sight to new vulnerabilities that appear in desktop applications, web services, operating systems and even network appliances, how can organizations safeguard their most sensitive data from attack?
Today there’s a software solution that, within a short period of time, can discover and catalog the privileged accounts everywhere in your enterprise – in applications and web services, databases, operating systems, and so on. The software then isolates interdependent services to maintain the absolute minimum of commonality among privileged credentials, continuously hardening and changing all of the passwords and permitting delegated check-out only by authorized IT staff. That way a single compromised system has only short-term value and can’t become an easy launching point to expose your entire infrastructure.
To download a copy of the USCC report visit http://www.uscc.gov/researchpapers/2009/NorthropGrumman_PRC_Cyber_Paper_FINAL_Approved%20Report_16Oct2009.pdf.
Chris Stoneff, principal product manager at Lieberman Software Corporation, a Los Angeles-based developer of privileged identity management software.
Tags: Cyber Warfare, Data Security
This entry was posted on Friday, December 11th, 2009 at 6:53 AM and is filed under Community Manager, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
|
| Making The Buy For Trust Seal For ease of access, we have added a 'Buy' button to the very top of the Trust Seal landing page. This helps to ensure that it is easily visible and accessible to users and that it doesn't get missed further... VeriSign At SES The VeriSign Authentication team was at SES last week talking up the VeriSign Trust Seal which was recently launched in February, and Seal-in-Search - a service where search engine users can see the VeriSign Trust Seal next to sites protected... VeriSign Now a Symantec Company We are very excited to be a Symantec company! If you haven't already heard, VeriSign has been acquired by Symantec. The deal was made official on August 9, 2010. We are very excited about new opportunities for increasing and offering... |
|
| PayPal UK Launch Security Key - Guest Posting from PayPal I am happy to say they are using VeriSign Identity Protection to deliver this, which means that PayPal Customers will be able to use their token at other sites who join the VIP network. PayPal are the first UK members of the network, but there are around 30 other members in different countries around the world so you can expect to see more places where you can use your token in the UK appearing shortly. Facebook scam - Part 2 This just in from the BBC web site, Symantec have identified a virus that steals user names and passwords, nothing new there. But, if I understand this right, it is delivered through a Facebook invitation from someone you don't know and delivers malware which can then steal user names / passwords and also keylog credit card info. Survey finds passwords are not secure - well d'uh! I don't think the vendor community has been crying wolf about the problems that stronger authentication solves, more like highlighting that this problem is here and growing. Well the discussion I have had recently with many different organisations across many different industries are now resulting in more and more consumer projects in this area |
|
| Cloud Identity, Trust and the Liability Elephant. I have been involved with a couple similar initiatives around certification for identity and thought it would be interesting to explain the logic behind these efforts. The first initiative is led by the Open Identity Exchange and is based on... Greek Heroes, Facebook and Trust When Achilles was a baby, the oracle predicted that he would die in battle from an arrow. Thetis, Achilles' mother who did not want her son to die decided to dip Achilles' body into the water of a river that... PCI for the Cloud For most enterprise and security vendors, the cloud is fascinating both as a technology and a business disruptor. In fact, SAAS CEOs such as Successfactor, SalesForce and NetSuite are hot shots in Silicon Valley these days. Yet, most of us... |
|
