Dormant Accounts: The Hidden Danger in Your Cyber Security

Just like a forgotten lunchbox that was last seen before the summer break can cause issues when discovered before the next term starts, dormant accounts can also cause a stink within your IT security landscape. 

A dormant account refers to a user account within a computer system or network that has remained inactive or unused for a considerable period of time. These dormant accounts can pose a significant security risk, primarily because they are often overlooked or forgotten, yet still possess access privileges. As a result, they may become vulnerable to unauthorised access or misuse.

It is crucial to address the issue of dormant accounts to ensure the highest level of security for government systems and networks. When these accounts are not effectively managed, they can serve as potential entry points for security breaches. This could lead to severe consequences like data breaches, unauthorised activities, or other security incidents.

What are the risks associated with dormant accounts in my company’s systems? 

A 2018 report by Digital Guardian found that 52% of all user accounts in a public sector company have not been used in more than six months, which presents a significant cyber security threat. 

Yep, you read that right… 

That is 52% of all accounts within the public sector sitting idle as a potential weakness to be exploited. Here are some of the risks that need to be understood so that they can be mitigated. 

Unauthorised Access

Dormant accounts that are left active and unattended can be targeted. If the access credentials associated with these accounts are compromised or discovered, unauthorised individuals can gain access to sensitive systems or data. What data may they have access to? And how could this impact your organisation?

Privilege Abuse

Dormant accounts may have certain privileges assigned to them, allowing extensive access to critical systems or sensitive information. If these accounts are compromised, attackers can abuse these privileges to perform unauthorised actions, manipulate data, or even cause system-wide disruptions.

Regulatory Compliance Violations

Depending on the industry or sector, there may be regulatory requirements regarding account management, access control, and user activity monitoring. Failure to properly manage dormant accounts and maintain compliance can lead to legal and regulatory consequences.

These are just a few of the issues associated with dormant accounts…

How can leaked credentials become a cyber security threat to my business? 

Leaked credentials give individuals access to you and your core assets. Within your organisation, your team will have access to various parts of your business; if that access is compromised, it can become a serious security threat.

Here are some of the issues your organisation may face: 

1. Account takeover or ATO 

Leaked credentials can be used to launch account takeover attacks. By obtaining legitimate login credentials, attackers can bypass security measures and gain unauthorised access to user accounts. This can lead to various malicious activities, such as unauthorised transactions, identity theft, manipulation of personal data, or spreading malware.

2. Reputation Damage

Leaked credentials can harm an individual's or organisation's reputation. If an individual's personal accounts are compromised, it can lead to identity theft, loss of trust among peers, and potential damage to their professional or personal reputation.

3. Phishing Attacks

Attackers often use leaked credentials as part of phishing campaigns. They send deceptive emails or messages pretending to be a legitimate organisation and prompt users to enter their credentials on fake websites. If users unknowingly provide their leaked credentials, attackers can exploit them to gain access to their accounts and perpetrate further attacks.

The threats begin to pile up… and the more dormant accounts you have lying around within your systems, the bigger the issue for your security. 

What steps should my company take to manage dormant accounts? 

Regularly monitoring and checking your accounts is the first step in managing dormant or inactive users in Active Directory. 
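As an added example (not from the original article or from any vendor it mentions), the Python code below triages a constructed export of Active Directory user attributes for enabled accounts idle beyond an assumed 180-day threshold, listing privileged ones first. The account names, threshold, slack and review date are assumptions; `lastLogonTimestamp`, `userAccountControl`, `adminCount` and `whenCreated` are standard AD attributes.

```python
from datetime import datetime, timedelta, timezone

EPOCH_1601 = datetime(1601, 1, 1, tzinfo=timezone.utc)
ACCOUNTDISABLE = 0x0002               # userAccountControl bit: account is disabled
DORMANT_AFTER = timedelta(days=180)   # assumed threshold: roughly six months
SYNC_SLACK = timedelta(days=14)       # lastLogonTimestamp can lag real logons by up to ~14 days

def to_filetime(dt):
    """Datetime -> AD FILETIME (100 ns ticks since 1601-01-01 UTC); builds the sample data."""
    return (dt - EPOCH_1601) // timedelta(microseconds=1) * 10

def from_filetime(value):
    """AD FILETIME -> datetime; 0 or missing means the account has never logged on."""
    ticks = int(value or 0)
    return EPOCH_1601 + timedelta(microseconds=ticks // 10) if ticks > 0 else None

def triage(accounts, now):
    """Return enabled accounts idle past the threshold, privileged ones first."""
    findings = []
    for a in accounts:
        if int(a["userAccountControl"]) & ACCOUNTDISABLE:
            continue                              # already disabled
        last = from_filetime(a.get("lastLogonTimestamp"))
        idle = now - (last or a["whenCreated"])   # never used: measure from creation
        if idle < DORMANT_AFTER + SYNC_SLACK:
            continue                              # active, or inside replication slack
        findings.append({
            "account": a["sAMAccountName"],
            "idle_days": idle.days,
            "never_logged_on": last is None,
            # adminCount=1: the account is or was in a protected admin group
            "privileged": int(a.get("adminCount") or 0) == 1,
        })
    return sorted(findings, key=lambda f: (not f["privileged"], -f["idle_days"]))

def utc(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)

NOW = utc(2024, 1, 1)  # fixed review date so the result is reproducible
SAMPLE = [  # constructed export, not real directory data
    {"sAMAccountName": "svc-backup", "userAccountControl": 512, "adminCount": 1, "lastLogonTimestamp": to_filetime(utc(2023, 1, 10)), "whenCreated": utc(2019, 4, 2)},
    {"sAMAccountName": "j.smith", "userAccountControl": 512, "lastLogonTimestamp": to_filetime(utc(2023, 12, 20)), "whenCreated": utc(2021, 9, 1)},
    {"sAMAccountName": "temp.contractor", "userAccountControl": 512, "lastLogonTimestamp": 0, "whenCreated": utc(2023, 3, 1)},
    {"sAMAccountName": "old.leaver", "userAccountControl": 514, "lastLogonTimestamp": to_filetime(utc(2022, 5, 1)), "whenCreated": utc(2018, 1, 15)},
    {"sAMAccountName": "a.jones", "userAccountControl": 512, "lastLogonTimestamp": to_filetime(utc(2023, 6, 25)), "whenCreated": utc(2020, 2, 3)},
]

if __name__ == "__main__":
    for finding in triage(SAMPLE, NOW):
        print(finding)
```

The 14-day slack keeps an account such as `a.jones` (190 days idle in the sample) off the list, because `lastLogonTimestamp` is only replicated periodically and can understate recent activity.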

Actively penetrating your defences with solutions like Pentera helps you validate your security practices. Not only will this highlight inactive accounts that are lurking in the background, but it will also shine a light on weak passwords that do not comply with your company password policy.

Cybercrime monitoring services are your first line of defence in tackling the issues that we have highlighted above. 

It gives you the opportunity for early detection. Cyber crime monitoring services and platforms use various techniques to monitor for any suspicious activities, ensuring that you know as soon as there is a potential problem that you need to act upon. 

Within cyber crime monitoring systems there is also up to date information and intelligence regarding the latest cyber threats and patterns. Having access to a system that has this information is integral to staying up to date when it comes to staying safe and secure.

Compliance is also a huge benefit when it comes to utilising cyber crime monitoring services. Cyber crime monitoring services can also help companies meet regulatory and compliance requirements, such as PCI DSS, HIPAA, and GDPR, by monitoring their systems and data for security and privacy risks, and reporting any non-compliance issues.

You need an extra set of eyes that is awake 24/7 to keep your IT landscape safe, and that is where these systems and protocols step in to support you and your organisation. 

What measures can companies take to proactively protect against cyber attacks? 

The first thing you can do is get in touch with us at Core to Cloud! One of our team will be waiting to pick up the phone to discuss all of the options you have to lower the number of dormant accounts and fortify your cyber security. 

Here are some other ways you can keep your organisation safe: 

  1. Ensure you have robust security policies in place.
  2. Create and run awareness training for employees.
  3. Monitor and fortify your secure network infrastructure.
  4. Scan, update and patch where necessary.
  5. Add in multi-factor authentication where possible. 

This was not supposed to be all doom and gloom… but dormant accounts can seriously impact your cyber security. We know it can be tiring and confusing granting and revoking privileges, and ensuring everything is up to date, but you don’t have to do this alone. 

At Core to Cloud we are ready to talk you through our technologies which, with AI in their toolkit, can help you with your cyber security needs. 
