A large number of data breaches are caused by stolen passwords, usually via some kind of social engineering technique and/or a malware attack. Below are the main ways adversaries can gain access to privileged accounts.
Social Engineering
Phishing and other social engineering techniques are perhaps the most common method of illegitimately obtaining credentials. Attackers will typically masquerade as a trusted entity in order to trick the victim into handing over their credentials. In some cases, the attacker will spend time learning about the victim and/or befriending the victim in order to make the attack more targeted. This technique is generally referred to as spear-phishing.
Credential Exploitation
This includes brute-force password attacks, password guessing, shoulder surfing, dictionary attacks, rainbow table attacks, password spraying, and credential stuffing. In some cases, the attacker will try to guess the security questions in order to gain access to a privileged account. They might also try to compromise the password reset mechanisms in order to exploit any password changes and resets.
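As an added illustration (not part of the original article), the sketch below shows how a defender could tell two of the techniques named above apart in authentication logs: password spraying (one source, few attempts against many accounts) and brute force (one source, many attempts against one account). The event format, account names, and thresholds are assumptions, and the sample events are constructed.

```python
from collections import Counter, defaultdict
from datetime import datetime

EPOCH = datetime(1970, 1, 1)

def make_events():
    """Constructed sample authentication events (not real log data)."""
    events = []
    # One source making a single attempt against many privileged accounts.
    for i, acct in enumerate(["root", "admin", "dba", "svc_backup", "netadmin", "helpdesk"]):
        events.append((f"2024-01-01T09:00:{i:02d}", "203.0.113.5", acct, "FAIL"))
    events.append(("2024-01-01T09:01:00", "203.0.113.5", "dba", "OK"))
    # One source hammering a single account.
    for i in range(12):
        events.append((f"2024-01-01T09:05:{i:02d}", "198.51.100.7", "root", "FAIL"))
    # A legitimate user mistyping a password once.
    events.append(("2024-01-01T09:10:00", "192.0.2.10", "alice", "FAIL"))
    events.append(("2024-01-01T09:10:20", "192.0.2.10", "alice", "OK"))
    return events

# Threshold defaults are assumptions; tune them against your own baseline.
def classify_sources(events, window_s=1800, spray_accounts=5,
                     spray_max_per_account=2, brute_failures=10):
    """Return {source: (label, accounts that also logged in successfully)}."""
    buckets = defaultdict(list)
    for ts, src, acct, outcome in events:
        slot = int((datetime.fromisoformat(ts) - EPOCH).total_seconds() // window_s)
        buckets[(src, slot)].append((acct, outcome))
    findings = {}
    for (src, _slot), rows in buckets.items():
        fails = Counter(acct for acct, outcome in rows if outcome == "FAIL")
        if not fails:
            continue
        if len(fails) >= spray_accounts and max(fails.values()) <= spray_max_per_account:
            label = "password_spraying"
        elif max(fails.values()) >= brute_failures:
            label = "brute_force"
        else:
            continue  # too little evidence; a single mistyped password lands here
        # A success from a flagged source on an account it failed against needs review.
        hit = sorted({a for a, o in rows if o == "OK" and a in fails})
        findings[src] = (label, hit)
    return findings

if __name__ == "__main__":
    for src, (label, hit) in classify_sources(make_events()).items():
        print(src, label, "possibly compromised:", hit or "none")
```

Fixed time windows can split one attack across a boundary, so a production rule would use a sliding window and correlate on more than source address.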
Vulnerabilities and Exploits
Attackers will often try to gain access to a privileged account by targeting vulnerabilities found in operating systems, communication protocols, web browsers, web applications, cloud systems, network infrastructure, and so on.
Default Passwords
In some cases, companies forget to change the default passwords on admin or root accounts, which attackers will try to exploit.
Spyware
Adversaries will often try to use spyware to gain access to privileged accounts. Keyloggers, for example, can harvest credentials by monitoring the keystrokes of the user.
OCD Tech’s team of experts is ready to create a comprehensive privileged access management (PAM) strategy for any client in a 7-step process:
Define -> Discover -> Manage & Protect -> Monitor -> Detect Usage -> Respond -> Review & Audit.
In addition to designing PAM strategies and definitions tailored to an organization’s needs, OCD Tech has hands-on experience implementing powerful tools, including but not limited to Privileged Session Management (PSM) and multifactor authentication (MFA). Our information technology analysts have the skills to actualize and explain PAM tools and tactics to the whole company, from the C-suite to the interns. Contact us and prevent data breaches.
Source: MASS TLC, Article by Raina Malmberg, OCD Tech