Centrify has warned that the privileged password practice which allowed the comprehensive “Alf” software hack of an Australian defence contractor is disturbingly widespread.Cybersecurity leader
Earlier this week, the Australian Cyber Security Centre (ACSC) revealed details of a data breach in which 30 gigabytes of sensitive information was stolen between July and November last year from 50-person aerospace engineering firm that subcontracts to the Department of Defence. The Australian Signals Directorate (ASD) codenamed the attacker Alf, after a character in the long-running Australian TV soap opera Home and Away.
Subsequent reports state the hacker stole sensitive data including restricted technical information on the F-35 Joint Strike Fighter, the P-8 Poseidon maritime patrol aircraft, the C-130 transport aircraft, the Joint Direct Attack Munition (JDAM) smart bomb kit, and Australian naval vessels.
The hacked defence subcontractor had all IT-related functions managed by just one person, who had been in the role for only nine months. While initial access came from exploiting a 12-month-old vulnerability in the company’s IT Helpdesk Portal, the hacker used a common Local Administrator account password with access to all servers for lateral movement within the network. This provided access to email and other sensitive data.
Centrify Senior Director APAC Sales Niall King said the practice of allowing privileged administrator accounts to have extensive network access was disturbingly widespread. “Verizon recently reported that 80 per cent of breaches are due to compromised credentials,” he said.
“The lesson is that users and administrators should never run their computer with administrative privileges unless they are required to do a specific task. This is where the ‘Least Privilege’ model advocated and implemented by Centrify is important: It assigns users and administrators with privileges on a temporary basis to perform specific tasks on specific machines.
“Least Privilege Access ensures that if an exploit or attack occurs, it will not have the privileged access necessary to cause sustained damage. Security can be improved further by mandating multi-factor authentication (MFA) approval by the user before a privileged task executes.”
Centrify redefines security from a legacy static perimeter-based approach to protecting millions of scattered connections in a boundaryless hybrid enterprise. As the only industry recognised leader in both Privileged Identity Management and Identity-as-a-Service, Centrify provides a single platform to secure each user’s access to apps and infrastructure through the power of identity services. This is Next Dimension Security in the Age of Access. Centrify is enabling more than 5000 customers, including over half the Fortune 50 in the US, to defend their organisations. To learn more visit www.centrify.com.
The Breach Stops Here.
Centrify is a registered trademark and Centrify Server Suite, Centrify Privilege Service and Centrify Identity Service are trademarks of Centrify Corporation in the United States and other countries. All other trademarks are the property of their respective owners.
- Centrify delivers derived credentials authentication for mobiles Solution extends Centrify’s mobile capabilities to enable secure single sign-on with CAC/PIV derived credentials in highly regulated environments in Australia and New Zealand...
- Research shows data breaches carve 5% from share prices As corporations globally recover from recent ransomware attacks, Centrify-commissioned research reveals that many organisations underestimate the true cost of data breaches Centri...
- Centrify delivers industry’s first federated privileged access service to protect enterprises with outsourced IT Cloud-based security solution minimises an organisation’s attack surface by governing and securing federated access by outsourced IT, vendors and other third parties Centrif...
- Centrify receives 2015 Cloud Computing Product of the Year Award Centrify Identity Service gains industry recognition as an innovative cloud solution Centrify, the leader in securing enterprise identities against cyberthreats, has announce...