Shamoon Cyber Attack Reinforces the Need for Privileged Password Security
December 2nd, 2016
According to reports, the Shamoon malware contained embedded credentials that allowed the malware to move throughout the network and cause harm. The attack was likely initiated using a worm, which is how Shamoon operated historically. Propagation occurs by accessing shares in the network or through other remote access, using stolen credentials.
The pattern of privileged credential compromise continues to be a big problem. Our Privileged Password Vulnerability Benchmark research shows that many organizations still store still store privileged and admin passwords in risky Word documents or Excel spreadsheets (see why that’s a bad idea). Failing to secure these accounts is an open door to attackers to unleash their malware across a network. We need to assume cyber attackers are already on the network and planning attacks with increasingly malicious intent. By shutting down the privileged pathway of malware like Shamoon, organizations can dramatically improve their IT security.
Read more about how Thycotic can help and download our password management tool: Secret Sever Free.
Latest posts by Steve Kahan (see all)
- The Top 5 Applications You Should Blacklist Now - December 13, 2016
- Shamoon Cyber Attack Reinforces the Need for Privileged Password Security - December 2, 2016
- Protecting your network by implementing Least Privilege Policy - October 27, 2016