Centrify Senior Director APAC SalesNiall KingCentrify Senior Director APAC SalesNiall KingCybersecurity leader Centrify has warned that the privileged password practice which allowed the comprehensive “Alf” software hack of an Australian defence contractor is disturbingly widespread.

Earlier this week, the Australian Cyber Security Centre (ACSC) revealed details of a data breach in which 30 gigabytes of sensitive information was stolen between July and November last year from 50-person aerospace engineering firm that subcontracts to the Department of Defence. The Australian Signals Directorate (ASD) codenamed the attacker Alf, after a character in the long-running Australian TV soap opera Home and Away.

Subsequent reports state the hacker stole sensitive data including restricted technical information on the F-35 Joint Strike Fighter, the P-8 Poseidon maritime patrol aircraft, the C-130 transport aircraft, the Joint Direct Attack Munition (JDAM) smart bomb kit, and Australian naval vessels.

The hacked defence subcontractor had all IT-related functions managed by just one person, who had been in the role for only nine months. While initial access came from exploiting a 12-month-old vulnerability in the company’s IT Helpdesk Portal, the hacker used a common Local Administrator account password with access to all servers for lateral movement within the network. This provided access to email and other sensitive data.

Centrify Senior Director APAC Sales Niall King said the practice of allowing privileged administrator accounts to have extensive network access was disturbingly widespread. “Verizon recently reported that 80 per cent of breaches are due to compromised credentials,” he said.

“The lesson is that users and administrators should never run their computer with administrative privileges unless they are required to do a specific task. This is where the ‘Least Privilege’ model advocated and implemented by Centrify is important: It assigns users and administrators with privileges on a temporary basis to perform specific tasks on specific machines.

“Least Privilege Access ensures that if an exploit or attack occurs, it will not have the privileged access necessary to cause sustained damage. Security can be improved further by mandating multi-factor authentication (MFA) approval by the user before a privileged task executes.”

For more information or to arrange an interview, please call me on +61 8 8431 400 or email john@impress.com.au.

About Centrify

Centrify redefines security from a legacy static perimeter-based approach to protecting millions of scattered connections in a boundaryless hybrid enterprise. As the only industry recognised leader in both Privileged Identity Management and Identity-as-a-Service, Centrify provides a single platform to secure each user’s access to apps and infrastructure through the power of identity services. This is Next Dimension Security in the Age of Access. Centrify is enabling more than 5000 customers, including over half the Fortune 50 in the US, to defend their organisations. To learn more visit www.centrify.com.

The Breach Stops Here.

Centrify is a registered trademark and Centrify Server Suite, Centrify Privilege Service and Centrify Identity Service are trademarks of Centrify Corporation in the United States and other countries. All other trademarks are the property of their respective owners.

Related News