Dormant Accounts: The Hidden Danger in Your Cyber Security

Just like a forgotten lunchbox that was last seen before the summer break can cause issues when discovered before the next term starts, dormant accounts can also cause a stink within your IT security landscape. 

A dormant account refers to a user account within a computer system or network that has remained inactive or unused for a considerable period of time. These dormant accounts can pose a significant security risk, primarily because they are often overlooked or forgotten, yet still possess access privileges. As a result, they may become vulnerable to unauthorised access or misuse.

It is crucial to address the issue of dormant accounts to ensure the highest level of security for government systems and networks. When these accounts are not effectively managed, they can serve as potential entry points for security breaches. This could lead to severe consequences like data breaches, unauthorised activities, or other security incidents.

What are the risks associated with dormant accounts in my company’s systems? 

A 2018 report by Digital Guardian found that 52% of all user accounts in a public sector company have not been used in more than six months, which presents a significant cyber security threat. 

Yep, you read that right… 

That is 52% of all accounts within the public sector sitting idle, and as a potential weakness to be exploited. Here are some of the risks that need to be understood to ensure that the severity of this risk can be mitigated. 

Unauthorised Access

Dormant accounts that are left active and unattended can be targeted. If the access credentials associated with these accounts are compromised or discovered, unauthorised individuals can gain access to sensitive systems or data. What data may they have access to? And how could this impact your organisation?

Privilege Abuse

Dormant accounts may have certain privileges assigned to them, allowing extensive access to critical systems or sensitive information. If these accounts are compromised, attackers can abuse these privileges to perform unauthorised actions, manipulate data, or even cause system-wide disruptions.

Regulatory Compliance Violations

Depending on the industry or sector, there may be regulatory requirements regarding account management, access control, and user activity monitoring. Failure to properly manage dormant accounts and maintain compliance can lead to legal and regulatory consequences.

These are just a few of the issues associated with dormant accounts…

How can leaked credentials become a cyber security threat to my business? 

Leaked credentials give individual access to you and your core assets. Within your organisation your team will have access to various parts of your business, if that access is compromised it can become a serious security threat.

Here are some of the issues your organisation may face: 

1. Account takeover or ATO 

Leaked credentials can be used to launch account takeover attacks. By obtaining legitimate login credentials, attackers can bypass security measures and gain unauthorised access to user accounts. This can lead to various malicious activities, such as unauthorised transactions, identity theft, manipulation of personal data, or spreading malware.

2. Reputation Damage

Leaked credentials can harm an individual's or organisation's reputation. If an individual's personal accounts are compromised, it can lead to identity theft, loss of trust among peers, and potential damage to their professional or personal reputation.

3. Phishing Attacks

 Attackers often use leaked credentials as part of phishing campaigns. They send deceptive emails or messages pretending to be a legitimate organisation and prompt users to enter their credentials on fake websites. If users unknowingly provide their leaked credentials, attackers can exploit them to gain access to their accounts and perpetrate further attacks.

The threats begin to pile up… and the more dormant accounts you have lying around within your systems the more of an issue for your security there is. 

What steps should my company take to manage dormant accounts? 

Regularly monitoring and checking your accounts would be the first step to manage your dormant or inactive users in the active directory. 

Actively penetrating your defences with solutions like Pentera help you validate your security practices, not only will this highlight inactive accounts that are lurking in the background, but it will shine a light on weak passwords that do not comply with your company password policy.

Cybercrime monitoring services are your first-line in defence to tackle any of the issues that we have highlighted above. 

It gives you the opportunity for early detection. Cyber crime monitoring services and platforms use various techniques to monitor for any suspicious activities, ensuring that you know as soon as there is a potential problem that you need to act upon. 

Within cyber crime monitoring systems there is also up to date information and intelligence regarding the latest cyber threats and patterns. Having access to a system that has this information is integral to staying up to date when it comes to staying safe and secure.

Compliance is also a huge benefit when it comes to utilising cyber crime monitoring services. Cyber crime monitoring services can also help companies meet regulatory and compliance requirements, such as PCI DSS, HIPAA, and GDPR, by monitoring their systems and data for security and privacy risks, and reporting any non-compliance issues.

You need an extra set of eyes that is awake 24/7 to keep you IT landscape safe, and that is where these systems and protocols step in to support you and your organisation. 

What measures can companies take to proactively protect against cyber attacks? 

The first thing you can do is get in touch with us at Core to Cloud! One of our team will be waiting to pick up the phone to discuss all of the options you have to ensure you lower the amount of dormant accounts and fortify your cyber security. 

Here are some other ways you can keep your organisation safe: 

  1. Ensure you have robust security policies in place.
  2. Create and run training for awareness for employees.
  3. Monitor and fortify your secure network infrastructure.
  4. Scan, update and patch where necessary.
  5. Add in multi-factor authentication where possible. 

This was not supposed to be all doom and gloom… but dormant accounts can seriously impact your cyber security. We know it can be tiring and confusing granting and revoking privileges, and ensuring everything is up to date, but you don’t have to do this alone. 

At Core to Cloud we are ready to talk you through our technologies, with AI in their Toolkit, can help you with your cyber security needs. 

Contact us here 

If you want to stay in the loop with everything cyber security from a IT pro or C-suite level view then we have got you covered, sign up to our new newsletters here

The Core of IT V4
Jan 23 2025

The CISO’s Reality: Ransomware Defence in 2025’s Threat Landscape

The modern CISO faces a ransomware landscape that bears little resemblance to the threats of years past. Gone are the days of simple file encryption and opportunistic...
Jan 16 2025

Advanced Threat Actor TTPs and Strategic Defence: A CISO’s Perspective on the UK Threat Landscape

The sophistication of threat actors targeting UK enterprises has evolved significantly, with particular emphasis on living-off-the-land (LotL) techniques and...
Dec 02 2024

The Rise of Fake Crypto Apps: Malware Masquerading as Money-Making Tools

Cryptocurrency is everywhere these days, and as more people jump into this digital gold rush, cybercriminals are stepping up their game, too. One of their latest...
Nov 18 2024

Meta’s $91 Million Fine: What It Means for Businesses Everywhere

Cryptocurrency is everywhere these days, and as more people jump into this digital gold rush, cybercriminals are stepping up their game, too. One of their latest...
Oct 23 2024

BOG OFF AI, You Will Never Be Able to Replicate My Highly Muddled Mind

By Kelly Allen 10 years ago, when I started my career in cybersecurity, it was Machine learning, and now everyone seems to be talking about AI. But I have to say, I am...
Oct 08 2024

The Rising Tide of Cyber Threats: Recent Cybersecurity Incidents and Their Implications

In the sprawling digital landscape of the 21st century, cybersecurity is like the weather—constantly changing, often unpredictable, and occasionally downright...
An AI generated image of a woman with short hair wearing a suit and pink glasses
Oct 08 2024

Bridging the Divide: Addressing the Gender Gap in Cybersecurity for a More Efficient and Innovative Future

The cybersecurity industry, a digital battleground where hackers, ethical or otherwise, clash with an ever-evolving array of defences, should be a diverse and inclusive...
Sep 24 2024

The Chronicles of Cyberland: A Tale of Cybersecurity Resilience

Welcome to Cyberland, a place where the terrain is shaped not by mountains and rivers but by data streams, firewalls, and encryption algorithms. It's a whimsical world,...
Sep 11 2024

Unmasking the Threat: The Real Story Behind the CrowdStrike Incident

In the fast-paced world of cybersecurity, the devil is truly in the details. This was obvious in the recent CrowdStrike incident that had many business owners and IT...
Jun 27 2024

How Hackers Could Influence the UK Election

Cybersecurity Issues Linked with the Upcoming UK Election As the UK gears up for its upcoming election, the importance of cybersecurity has never been more important....

Trusted by CISOs and IT teams at over 150 organisations