Auctioning Off Admin Access

In past articles, we’ve investigated in-depth the threat of the cybercriminal economy: stolen data sold and traded on the so-called “dark web,” along with increasingly malicious forms of software (like Ransomware-as-a-Service) distributed with step-by-step instructions for ill-intentioned hackers.

Our increasingly digital economy has, in turn, paralleled a growth spurt in these dark web transactions. And as corporate systems expand and unify into larger digital entities, closing off more and more potential means of access, high-profile account information has become an incredibly valuable commodity in illegitimate cyber markets.

Consider the average cybersecurity system: regardless of any foundational security to keep the ground level of a system safe, there is almost always an “administrative key,” or some other high-ranking account with access to bypass the barriers. It makes sense, then, that even as other avenues for hackers are eliminated, these administrative accounts would become very coveted—and extremely vulnerable.

Going Once

As one of the most consistently vulnerable industries in the business world, healthcare administrator access credentials are the most commonly auctioned off. The administrative credentials are used for both clinician and patient portals, according to Etay Maor, chief security officer at the threat intelligence firm IntSights.

Maor goes on to explain that stealing health data is a particularly tantalizing target for cybercriminals because unlike other targets, it can be reused for different kinds of attacks. Hackers might encrypt the data and use it to extort money in a ransomware attack, or sell patient information for identity thieves; and so on.

The concept of extracting and selling usernames and passwords from databases is hardly a new one, but this recent trend of selling admin access to healthcare organizations is both unexpected and troubling.

Not only could an enterprising hacker use it to bypass security systems, but admin access enables those with it to change data. By extension, if malicious agents appear in the system, the system may not register it as a threat.

Think Ahead

Cybercriminals should never slip by unnoticed—so you need a system as adaptable as they are.

Our IT Security Assessment catches and anticipates vulnerabilities before they can deal critical damage to your organization. We offer a wide variety of exercises and enhanced tactics to conduct complete, cohesive evaluations, including these key services:

  • Vulnerability and Penetration Testing
  • Extensive Firewall Evaluation
  • Social Engineering Evaluation
  • Antivirus Best Practices Evaluation
  • Network Security Best Practices Evaluation
  • Remote Location (Branch) Evaluation
  • Remote Access Evaluation
  • Telco-Testing/War-Dialing Evaluation
  • Wireless Security Evaluation

Contact us today to take your security to the next level.


Posted in BAI Security Blog, Reducing Security Risks, Security Risks and tagged , , , , .