New research by Silverfort has revealed that two out of three businesses sync on-premises passwords to cloud environments, weakening the cloud environment. Any on-premises vulnerabilities are migrated to the cloud environment, creating a weakness that malicious actors can exploit.
Over the past 10 years, more and more organizations have sought to utilize cloud environments. While many organizations seek to innovate, not all are prepared to secure cloud environments. Observed security gaps include misconfigurations, inadequate legacy infrastructure and vulnerable built-in features that malicious actors can leverage to gain access to the cloud.
The research team created four distinct categories of Identity Threat Exposures (ITEs) to give security leaders a framework to classify, understand and confront the diverse range of identity issues that malicious actors can leverage.
- Privilege escalators, such as unconstrained delegation and shadow admins, give malicious actors an avenue to find additional access privileges.
- Lateral movers allow a malicious actor to move laterally while avoiding detection. Examples include prolific users and service accounts.
- Password exposers (like NTLM or NTLMv1 authentication) can reveal an account’s passwords to a malicious actor.
- Protection dodgers can create legitimate user accounts for malicious actors. They stem from mismanaged accounts or human error and include new users, stale users and shared accounts.