Six common hacking methods
Privileged user accounts play a key role in cyber attacks. If hackers succeed in gaining control of such accounts, they can steal highly sensitive information, bypass security mechanisms or manipulate systems.
Hackers are doing everything they can to gain possession of IT credentials for privileged user accounts. CyberArk explains the six most common methods they use to do this:
Keystroke Logging: In this case, a user's keystrokes are logged with the help of injected malware. A keylogger can either record all data or wait for specific entries.
Brute force attacks: In this method, hackers try to guess passwords by simply trying all possible combinations with the support of special software. The shorter and simpler the passwords are, and the less frequently they are changed, the higher the probability of success.
Memory Scraping: A malware taps into the RAM of PCs and searches for access data there. This can be passwords stored in plain text or hashes in Windows environments that can be used for pass-the-hash attacks.
Password spreadsheets: Many companies still keep their passwords in central tables. This makes them a particularly lucrative target for cyber criminals.
Social Engineering: In this case, hackers pretend to be acquaintances or colleagues, for example in e-mails. In this way, they try to persuade their victims to voluntarily disclose their access data.
Hard-coded credentials: Cyber criminals also often look for passwords or SSH keys that are found in the programming codes of applications, in scripts or in configuration files. They enable far-reaching access, but are often not changed for years.
"Most companies are now aware that privileged credentials play the crucial role in cyber attacks. Yet they are often not adequately protected," says Michael Kleist, Regional Director DACH at CyberArk.
In the expert's experience, many companies keep their passwords in spreadsheets, change their access data far too infrequently, or often grant users full administrative rights on PCs and servers unnecessarily. Moreover, conventional IT security measures are often powerless against modern cyber attacks. The intrusion of malware, which serves to spy on access data, can often not be prevented by perimeter protection.
