One in six endpoints has identity risks
Many data breaches have unmanaged, misconfigured or exposed identity details at their core. Yet despite this, businesses continue to lack visibility into their identity risk.
A new study from Illusive reveals as many as one in six enterprise endpoints it analyzed had some form of identity risk.
Exploitable identity risks enable attackers to gain initial access, establish their persistence on a network, elevate their privileges, evade defenses and accelerate their lateral movement until they have taken complete control.
The study finds that 87 percent of local admins were not enrolled in privileged access management solutions, such as Microsoft's Local Administrator Password Solution (LAPS). Misconfiguration is a problem too, with 40 percent of shadow admins (misconfigured users with unintended privileges) able to be easily exploited.
More than one in 10 (13 percent) endpoints contain privileged account passwords that have been left exposed (for example by having cached credentials). This is the digital equivalent of leaving your username and password written on a sticky note, and there are a variety of tools that attackers can employ to dump these privileged credentials in order to exploit them.
"As ransomware attacks reach record-breaking levels, the complexity of managing Active Directory and the limitations of existing identity and access management solutions have created an identity security gap that attackers easily exploit," says Ofer Israeli, CEO and founder of Illusive. "And it isn't just a gap -- it's a major blindspot -- this research is proof that organizations lack visibility into the identity risks that leave them vulnerable to an attack."
The company has also announced the launch of Illusive Spotlight and Illusive Shadow, its patented identity risk management platform enabling organizations to automatically and continuously discover, mitigate and protect against identity risks.
You can get the full report on the Illusive site.