One-Third of Internal User Accounts Are Ghost Users

Published: 22/11/2024   Category: security


Attackers and malware can easily move laterally through an organization, thanks to inadequate access controls on file systems and a proliferation of inactive but enabled users.



Meager access controls on folders and file systems are leaving organizations wide open to the lateral movement of attackers and malware, according to a new report.
Security firm Varonis analyzed data risk assessments performed by its engineers on 130 companies and 5.5 petabytes of data through 2017. What concerns Varonis technical evangelist Brian Vecci most is that companies left 21% of all their folders open to everyone in the company.
"That's absurd," he says, noting that this openness enables attackers and malware to penetrate one user and spread laterally throughout a network. "In a world where businesses are being taken down by ransomware, how could you possibly let a fifth of your file system be taken down by any one user making a mistake?"
Sensitive folders and files are among the overexposed. Thirty percent of companies leave more than 1,000 sensitive folders accessible to all employees, and 41% have more than 1,000 sensitive files accessible to all employees, according to the report. 
Adding to the risk of attackers' lateral movement is the prevalence of user accounts that are stale - inactive, out of use - but still enabled. The Varonis assessments found that 34% of all users fall into this "ghost user" category; almost half (46%) of companies have over 1,000 ghost user accounts.
Not only are users inactive, but the data is as well - more than half (54%) of companies' data is stale, according to the report. Not only could this be a needless storage expense, but it puts organizations at higher risk of breaches and regulatory compliance violations.
"You ask anyone if they have data retention and destruction policies, everyone raises their hands," says Vecci, "but if you ask do you apply these policies to your file systems, the answer is almost always no."
His advice is to scan for sensitive data, map all access controls, and turn on monitoring. "In other words, know what you've got," says Vecci. "If you just do these three things, companies would be so much further than they are right now. And it doesn't need to be a big project."
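As an added illustration of the ghost-user and open-folder checks Vecci describes (example code written for this page, not from Varonis or the article), the Python below flags enabled-but-idle accounts and folders readable by broad groups in a constructed directory export; the group names, paths and the 90-day idle threshold are assumptions.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# Groups whose presence on an ACL makes a folder open to the whole company (assumed names).
OPEN_PRINCIPALS = {"Everyone", "Authenticated Users", "Domain Users"}

@dataclass
class Account:
    name: str
    enabled: bool
    last_logon: "date | None"   # None: the account has never logged on

@dataclass
class FolderAcl:
    path: str
    principals: set             # principals granted read access
    sensitive: bool             # flagged by a data-classification scan

def ghost_users(accounts, today, max_idle_days=90):
    """Enabled but idle accounts (the report's 'ghost users'); disabled stale ones are excluded."""
    cutoff = today - timedelta(days=max_idle_days)
    return [a.name for a in accounts if a.enabled and (a.last_logon is None or a.last_logon < cutoff)]

def open_folders(acls):
    """Folders where any broad group holds access, i.e. readable by every employee."""
    return [f.path for f in acls if f.principals & OPEN_PRINCIPALS]

def risk_summary(accounts, acls, today):
    """Percentages in the shape of the Varonis findings, plus sensitive folders left open."""
    ghosts, opened = ghost_users(accounts, today), set(open_folders(acls))
    return {
        "ghost_user_pct": round(100 * len(ghosts) / len(accounts)),
        "open_folder_pct": round(100 * len(opened) / len(acls)),
        "sensitive_open": [f.path for f in acls if f.sensitive and f.path in opened],
    }
# Constructed sample export (not data from the report).
TODAY = date(2017, 6, 1)
ACCOUNTS = [
    Account("alice", True, date(2017, 5, 30)),
    Account("bob", True, date(2016, 11, 2)),    # stale but still enabled: ghost
    Account("carol", False, date(2015, 1, 1)),  # stale but disabled: not a ghost
    Account("dave", True, date(2017, 4, 20)),
    Account("svc-backup", True, None),          # enabled, never used: ghost
]
ACLS = [
    FolderAcl(r"\\fs01\finance\payroll", {"Finance-RO", "Domain Users"}, True),
    FolderAcl(r"\\fs01\hr\reviews", {"HR-Staff"}, True),
    FolderAcl(r"\\fs01\public\templates", {"Everyone"}, False),
    FolderAcl(r"\\fs01\eng\src", {"Eng-Dev"}, False),
]
```

Running `risk_summary(ACCOUNTS, ACLS, TODAY)` on the sample gives the share of ghost users and open folders together with the sensitive folders that any employee can read, which is the list to fix first.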