Clearly the threat presented by online criminals is now well beyond the realm of big business, financial institutions or even private companies; it now involves industries linked inextricably to our everyday existence – from power operators to telecommunications providers. In a joint communiqué, the government and regulators pledged, among other items, to adopt the security standards set by GCHQ’s ‘10 Steps to Improve Cyber Security plan’. Importantly, one step calls out the need to manage the access rights of ‘privileged users’.
The risk presented by unmanaged, and unmonitored, privileged user accounts has rightly leapt to the fore in recent months – not least in thanks to the archetypal example of Edward Snowden. Privileged users – typically assuming the titles of computer system administrators and the like – are a special concern because of the often unhindered access to systems and data typically associated with these roles.
The uncomfortable reality is that privileged insiders exist in every organisation and, while their presence is essential to the running and maintenance of corporate networks, their powerful network access rights often enable their user accounts to perform actions they simply should not be able to. The risk arises when these privileged accounts have access to read, copy or change documents – this is also why they are a strategic and alluring target for perpetrators of cyber-attacks like APTs.
Unfortunately, the swathe of data breaches at the moment are proof enough that far too many organisations are still floundering to protect themselves from abuse of this nature. It’s worthwhile remembering that the breaches affecting both US retailer Target and the Korea Credit Bureau (KCB) in recent weeks involved network access abuse.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.