
The Lockdown

Thycotic’s Cyber Security Blog

Black Hat Hacker Insights: The easiest way hackers access your sensitive data

Written by Joseph Carson

August 17th, 2017

Hackers claim that compromised privileged accounts are their quickest route to your sensitive data.

We asked nearly 300 hackers, “What is the fastest route to getting access to an organization’s sensitive data?” The response was that it’s a toss-up between privileged accounts and compromised email accounts, both of which can hold a trove of sensitive information.

32% of hackers say accessing your privileged accounts is the easiest way to get at your sensitive data.



Hackers say these are the easiest ways to access your sensitive data:

  1. Access to Privileged Accounts
  2. Access to an Email Account
  3. Access to a user’s endpoint (laptop, desktop)

Privileged accounts are among the most sensitive accounts within an organization and are often referred to as “The Keys to the Kingdom”—the keys that unlock access to companies’ networks, systems and confidential and sensitive data. Many high-profile data breaches have resulted from passwords being stolen or being weak enough to crack. Initially the attackers simply gain access to your network, but then they target privileged accounts and elevate permissions, allowing them to move around undetected—sometimes for months—carrying out malicious activities.

If we know privileged accounts are vulnerable, why is this still happening?

Unfortunately, many IT users still lack a full understanding of how privileged accounts function, as well as the risks associated with their compromise and misuse. That makes them and their organizations much more vulnerable to potential monetary and reputational damage from increasing threats.  Privileged accounts are everywhere in the IT environment. They give IT the building blocks for managing vast networks of hardware and software that power the information-driven world. Yet for most people, they’re invisible.

Let’s take a closer look at privileged accounts

Privileged accounts can be human or non-human; they exist to allow IT professionals to manage applications, software, and server hardware. Privileged accounts provide administrative or specialized levels of access based on higher levels of permissions that are shared. Some types of non-human privileged accounts are application accounts used to run services requiring specific permissions. Like user accounts, privileged accounts have passwords to control access. The problem with user and privileged account passwords is that many tools exist to aid hackers in cracking these passwords. After a hacker gets access to a password-protected system, the damage can be catastrophic.

Hijacking privileged accounts gives attackers the ability to:

  • access and download your most sensitive data
  • distribute malware
  • bypass your existing security controls
  • erase your audit trails to hide their activity

Now can you picture the degree of havoc that can be unleashed by one hacker gaining access to your network via a single unmanaged privileged account?


Industry analysts estimate that 60 to 80 percent of all security breaches now involve the compromise of user and privileged account passwords. Yet traditional methods of identifying and managing privileged accounts still rely on manual, time-consuming tasks performed on an infrequent or ad-hoc basis. Even in the most sophisticated IT environments, privileged accounts are all too often managed by using common passwords across multiple systems, unauthorized sharing of credentials, and default passwords that are never changed—making them prime targets for attack. (If this sounds familiar, you need to download our free Password Security Policy template.)

A privileged account breach may result in a simple network breach or a full-on cyber catastrophe. When a single system is compromised, it is typically easy to mitigate, isolate and eradicate that risk and then restore the system. But when a privileged account is breached, it can lead to a major catastrophe. This kind of breach can be far more difficult to isolate and eradicate. If your domain admin was compromised, you might have to rebuild your entire Active Directory, and this is in no way an easy task.

If those are the easiest ways for hackers to access your network, what do they consider the hardest?

The hackers we surveyed explained that these are the hardest security measures to beat, giving us a hint as to the best bang for your buck in security options:

  1. Multi-Factor Authentication
  2. Encryption

Sooner or later a hacker will have your organization in their sights, if they haven’t already done so. If you’d like to take a deeper peek into the mind of a hacker, and view the collection of revealing statistics we’ve prepared, download our full report—it’s free, and it’s an eye-opener:

Download the Black Hat USA 2017 Survey Report here.

