Centrify has warned that the privileged password practice which allowed the comprehensive “Alf” software hack of an Australian defence contractor is disturbingly widespread.Cybersecurity leader
Earlier this week, the Australian Cyber Security Centre (ACSC) revealed details of a data breach in which 30 gigabytes of sensitive information was stolen between July and November last year from 50-person aerospace engineering firm that subcontracts to the Department of Defence. The Australian Signals Directorate (ASD) codenamed the attacker Alf, after a character in the long-running Australian TV soap opera Home and Away.
Subsequent reports state the hacker stole sensitive data including restricted technical information on the F-35 Joint Strike Fighter, the P-8 Poseidon maritime patrol aircraft, the C-130 transport aircraft, the Joint Direct Attack Munition (JDAM) smart bomb kit, and Australian naval vessels.
The hacked defence subcontractor had all IT-related functions managed by just one person, who had been in the role for only nine months. While initial access came from exploiting a 12-month-old vulnerability in the company’s IT Helpdesk Portal, the hacker used a common Local Administrator account password with access to all servers for lateral movement within the network. This provided access to email and other sensitive data.
Centrify Senior Director APAC Sales Niall King said the practice of allowing privileged administrator accounts to have extensive network access was disturbingly widespread. “Verizon recently reported that 80 per cent of breaches are due to compromised credentials,” he said.
“The lesson is that users and administrators should never run their computer with administrative privileges unless they are required to do a specific task. This is where the ‘Least Privilege’ model advocated and implemented by Centrify is important: It assigns users and administrators with privileges on a temporary basis to perform specific tasks on specific machines.
“Least Privilege Access ensures that if an exploit or attack occurs, it will not have the privileged access necessary to cause sustained damage. Security can be improved further by mandating multi-factor authentication (MFA) approval by the user before a privileged task executes.”
Centrify redefines security from a legacy static perimeter-based approach to protecting millions of scattered connections in a boundaryless hybrid enterprise. As the only industry recognised leader in both Privileged Identity Management and Identity-as-a-Service, Centrify provides a single platform to secure each user’s access to apps and infrastructure through the power of identity services. This is Next Dimension Security in the Age of Access. Centrify is enabling more than 5000 customers, including over half the Fortune 50 in the US, to defend their organisations. To learn more visit www.centrify.com.
The Breach Stops Here.
Centrify is a registered trademark and Centrify Server Suite, Centrify Privilege Service and Centrify Identity Service are trademarks of Centrify Corporation in the United States and other countries. All other trademarks are the property of their respective owners.
- As traditional perimeters are redefined, privileged access security is key to securing the hybrid enterprise Commissioned by Centrify Corporation, new Forrester study reveals inherent value of cloud-based Privileged Identity Management Centrify, the leader in securing enterprise ide...
- Centrify debuts ID security on AWS Marketplace Centrify earns Advanced Partner Status in the Amazon Web Services Partner Network and Centrify Identity Services are now available on AWS Marketplace Centrify chief product office...
- Centrify Addresses IT and User Challenges around Explosion of Mobile and Business Apps; Unveils Easy-to-Use, Secure Access for SaaS and Cloud Services... Builds on Microsoft Active Directory to Enhance Unified Identity Services across Data Center, Cloud and Mobile, Resulting in One Single Login for Users and One Identity Infrastruct...
- Centrify study finds CEO disconnect weakens cybersecurity Centrify CEO Tom Kemp Centrify, a leading provider of Zero Trust Security through the power of Next-Gen Access, has reported results of a new research study with Dow Jones Custome...