
Privileged Access Management (PAM) lessons learned in 2021

As enterprises were forced to adapt to the new remote work model in 2020, flexibility and resilience became critical aspects of success, enabling businesses to respond better. And in 2021, companies were no longer trying to survive the paradigm shift; they aimed to thrive in the new normal. Now, as we head into 2022, we analyze the challenges of 2021 pertaining to Privileged Access Management (PAM) and glean insights into making businesses even more secure.

Here are the critical Privileged Access Management lessons that we learned in 2021:

Gaining Control Over Remote Endpoints is Crucial 

Remote work is unlikely to go away in 2022. Gartner Inc. predicts the hybrid work model will no longer be just a “measure” and will be adopted as a serious trend. Moreover, analysts say that by the end of 2022, 75 per cent of organizations will choose this model. Delivering a robust, secure, and frictionless experience for a hybrid workforce will require CIOs to make significant service and technical changes.

A Zero Trust Approach is Vital  

The scourge of poor access controls was prevalent in 2021, as many large-scale breaches were made possible due to weak passwords. Recently, Microsoft warned about a rise in password spray attacks that target privileged cloud accounts and high-profile entities such as C-level executives.

Ideally, as part of a larger Zero Trust strategy, enterprises must implement advanced access controls such as multi-factor authentication (MFA) to defend themselves. Zero Trust enhances security by checking the identity and integrity of systems regardless of location and combining those results with user authentication checks in order to make decisions about access to services and applications.
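A defender's view of the password spray pattern mentioned above, as an added example that is not part of the original article: a detector that flags a source failing against many accounts with only a few attempts each, and notes any later success from that source. The log format, account names, IP addresses, thresholds and the privileged watch list are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-in log: timestamp, source IP, account, result.
# Format, account names and IPs (RFC 5737 ranges) are assumptions.
SAMPLE_LOG = """\
2021-11-02T09:00:05Z 203.0.113.7 alice FAIL
2021-11-02T09:00:41Z 203.0.113.7 bob FAIL
2021-11-02T09:01:10Z 198.51.100.20 dave FAIL
2021-11-02T09:01:15Z 203.0.113.7 ceo FAIL
2021-11-02T09:01:40Z 198.51.100.20 dave FAIL
2021-11-02T09:02:02Z 203.0.113.7 cloud-admin FAIL
2021-11-02T09:02:09Z 198.51.100.20 dave FAIL
2021-11-02T09:02:30Z 198.51.100.20 dave OK
2021-11-02T09:03:30Z 203.0.113.7 erin FAIL
2021-11-02T09:04:12Z 203.0.113.7 cloud-admin OK
"""
PRIVILEGED = {"ceo", "cloud-admin"}  # hypothetical watch list of privileged accounts

def parse(log):
    for line in log.splitlines():
        ts, ip, user, result = line.split()
        yield datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), ip, user, result

def detect_spray(log, window=timedelta(minutes=10), min_accounts=5, max_per_account=2):
    """Flag sources that fail against many accounts, few tries each, within one window."""
    fails = defaultdict(list)  # ip -> [(time, user)] failures still inside the window
    alerts = {}
    for ts, ip, user, result in sorted(parse(log)):
        recent = fails[ip] = [(t, u) for t, u in fails[ip] if ts - t <= window]
        if result == "FAIL":
            recent.append((ts, user))
        per_user = defaultdict(int)
        for _, u in recent:
            per_user[u] += 1
        # Many tries on one account is brute force or a typo, not a spray.
        sprayed = {u for u, n in per_user.items() if n <= max_per_account}
        if len(sprayed) >= min_accounts:
            alert = alerts.setdefault(
                ip, {"accounts": set(), "privileged": set(), "succeeded": set()})
            alert["accounts"] |= sprayed
            alert["privileged"] |= sprayed & PRIVILEGED
        # A success from a source already flagged as spraying is the urgent case.
        if result == "OK" and ip in alerts:
            alerts[ip]["succeeded"].add(user)
    return alerts
```

On the sample log, the source that repeatedly fails on a single account and then signs in is not flagged, while the source that touches five accounts once each is, including its later successful sign-in to a privileged account.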

Employees are the Weakest Link 

Per the Verizon DBIR, 85 per cent of data breaches involve human error. In 2021, one particularly successful strategy was using phishing emails to deploy ransomware. While analysts and experts have lectured on the importance of information security awareness training during the pandemic, recent statistics are worrisome.

Ensuring security in 2022 will require a better approach to training. Organizations must clearly communicate the best cybersecurity practices that will benefit the company and the individual in the long run.

Training must be tailored to each employee’s specific role and must include everyone (from front-line workers to executives). Moreover, it should be mandatory and frequent. It’s also vital to efficiently implement workflows that meet employees’ on-the-job needs, so they are not tempted to bypass cybersecurity rules for speed and convenience.

Ransomware in 2021: Highlighting the Importance of Privileged Access Management (PAM)

Data breaches and cyberattacks soared in 2021. The looming threat of ransomware has forced businesses to evaluate their cybersecurity programs, roadmap, and budget and critically assess their Identity and Access Management (IAM) and Privileged Access Management (PAM) solutions.

Some of the disruptive cyberattacks of 2021 underscored the importance of PAM solutions and how they can help mitigate a business-crippling data breach. 

The Port of Houston Attack 

In October, cyber attackers (suspected to be backed by a foreign government) breached a computer network at the Port of Houston. According to a public statement from a senior US cybersecurity official and the Coast Guard analysis obtained by CNN, early detection meant there was no disruption in shipping operations.

The Port has been a major driving force in the economy of the Houston area. It is responsible for more than 3 million jobs throughout the US and more than $70 billion of total salaries and wages from maritime activities at its terminals.

A successful breach could have resulted in operations being shut for days (or even weeks), causing numerous pileups in supply chains already impacted by the COVID-19 pandemic.

Initially, the attackers were able to breach user-level permissions by exploiting a zero-day vulnerability in the Port’s self-service Single Sign-On (SSO) product. However, when they tried to elevate from User to Administrator, the Port’s Privileged Access Management solution detected them and shut them out. 

Prompt detection by the Port’s automated systems and activation of an incident plan isolated the compromised network within 90 minutes of the initial breach.

The Twitch Breach 

One of the most high-profile data breaches in 2021 involved the popular Amazon-owned streaming platform, Twitch. On account of an error in a server configuration, 125GB of sensitive internal information was posted on 4chan. Per Video Games Chronicle (which first reported on the incident), the following data sets were leaked:

  • Twitch’s entire source code, dating back to its early beginnings 
  • Creator payout reports from 2019 
  • Desktop, mobile, and console Twitch clients 
  • Twitch’s proprietary SDKs, as well as internal AWS services 
  • IGDB, CurseForge and every other asset Twitch owns 
  • An unreleased Steam competitor from Amazon Game Studios, codenamed Vapor
  • Twitch internal red-teaming tools 

The server misconfiguration left a direct pathway to the unguarded crown jewels of Twitch, raising questions pertaining to the basic concepts of least-privilege access. 

Leveraging Robust PAM Solutions for a Safer 2022

The challenges and events in 2021 have presented a straightforward example for the year ahead. The modern Privileged Access Management system is an essential part of an active cyber defence system, ensuring continuous management and visibility of highly privileged accounts that constitute an enterprise’s privileged access. Implementing Privileged Access Management solutions is imperative as we head into 2022.