Businesses are largely failing to block hackers from exploiting privileged IT accounts to access sensitive commercial data, a survey has revealed.
Some 63% of more than 400 IT staff polled across Europe agreed that recent cyber attacks have involved the exploitation of privileged account access, according to the latest annual Trust, Security and Passwords survey and report by security software company Cyber-Ark.
However, 48% of respondents said their organisations either did not monitor the use of privileged accounts or were unsure if they did.
Worse still, 50% of respondents admitted they were able to get around the controls put in place to monitor their privileged access.
Nearly half also admitted that they would take company information with them if they were fired, such as privileged passwords (9%) and customer databases (8%).
A huge number of companies do not have effective privileged identity management systems in place, according to Mike Fullbrook, UK and Ireland director of Cyber-Ark.
And many of the organisations that are attempting to address the issue are not doing so effectively because it is a much bigger problem than they think, he told Computer Weekly.
"It is not just about privileged and administrative accounts, but includes other things such as default and hard-coded passwords," he said.
This particular problem was highlighted by the fact that one of the propagation methods of Stuxnet specifically looked for hard-coded passwords.
Organisations need to put systems in place that address this aspect of the problem by making it unnecessary to hard-code passwords to enable systems to access databases, said Fullbrook.
"Although awareness of the issue is growing, few organisations are fully aware of the potential security risk at all levels; there is still a long way to go on that," he said.
According to Fullbrook, exploitation of privileged accounts has become the sweet spot for cyber attackers due to their far-reaching and powerful access rights.
"Therefore, monitoring and securing privileged accounts must be central to any organisation's security strategy, whether they are looking to protect against the rogue insider, the cyber attacker, or both," he said.
