Privileged Identity Management - Risks of Unmanaged Privileged Identities

Risks of Unmanaged Privileged Identities

Unmanaged privileged identities can be exploited by both insiders and external attackers. If they are not monitored, held accountable, and actively controlled, malicious insiders, including system administrators, can steal sensitive information or cause significant damage to systems.

A 2009 report prepared for a US congressional committee by Northrop Grumman Corporation details how US corporate and government networks are compromised by overseas attackers who exploit unsecured privileged identities. According to the report, "US government and private sector information, once unreachable or requiring years of expensive technological or human asset preparation to obtain, can now be accessed, inventoried, and stolen with comparative ease using computer network operations tools."

The intruders profiled in the report combine zero-day vulnerabilities developed in-house with clever social exploits to gain access to individual computers inside targeted networks. Once a single computer is compromised, the attackers exploit "highly privileged administrative accounts" throughout the organization until the infrastructure is mapped and sensitive information can be extracted quickly enough to circumvent conventional safeguards.

Privileged account passwords that are secured by a privileged identity management framework so as to be cryptographically complex, frequently changed, and not shared among independent systems and applications offer a means to mitigate the threat to other computers that arises when a single system on a network is compromised.