Report Suggests Organizations Still Vulnerable to Credential Management and Network Segmentation Attacks

Alston & Bird

The Multi-State Information Sharing and Analysis Center (MS-ISAC) published its 2016 mid-year review on August 22, 2016, highlighting large incidents of malware infections, with particular emphasis on ransomware and click-fraud malware. In contrast to the MS-ISAC report, however, an August 2016 report suggests that most organizations would benefit most from addressing credential management and network segmentation. The report is based on data collected over the course of 100 internal penetration tests (i.e., tests that assume one user account on the network has already been compromised) performed for third-party clients, and it found that four of the top five methods the testers used to compromise networks involved network segmentation or credential management:

  1. Abuse of weak domain user passwords (66% of successful attacks)
  2. Broadcast name resolution poisoning (a form of man-in-the-middle attack that can be used to capture credentials) (64% of successful attacks)
  3. Local admin password attacks (61% of successful attacks)
  4. Attacks on cleartext (i.e., unencrypted) passwords in memory (59% of successful attacks)
  5. Insufficient network segmentation (52% of successful attacks)

In other words, expert penetration testers compromised these 100 networks without exploiting unpatched software vulnerabilities. The report notes that its results were based on tests with a primary goal of “full compromise of the environment,” and that an attacker with a different goal may instead focus on other techniques, such as vulnerability exploitation. For most organizations, however, credential management and network segmentation remain a risk.

The report argues that addressing these security risks need not be prohibitively expensive, and suggests that upgrading password policies, particularly if based on the new National Institute of Standards and Technology (NIST) password guidelines, can provide high-value security improvements at relatively low cost. The FTC’s recent interest in incorporating external standards, such as those published by NIST, adds further value to such policy upgrades. A full list of the report’s recommended fixes for credential management and network segmentation issues is available here.


DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Alston & Bird | Attorney Advertising
