《2020BCS-北京网络安全大会:无惧前行-新数字经济场景下的特权访问管理.pdf》 (2020 BCS Beijing Cyber Security Conference: Forging Ahead Without Fear: Privileged Access Management in New Digital Economy Scenarios), a 17-page PDF shared by a member on 三个皮匠报告 and readable online.
Forging Ahead Without Fear: Privileged Access Management in New Digital Economy Scenarios
Lu Junlong, Technical Director, CyberArk Software

The attacker kill chain: Aims for Windows Privileges, Network Hijacking, Credential Harvesting

The privileged access attack surface is huge:
Privileged accounts are everywhere
Accounts are shared, so there is no clear line of accountability
Passwords embedded in applications are hard to manage
Password rotation brings its own challenges
Remote access cannot be guaranteed secure and is hard to trace
Remote access by different service providers is hard to bring under flexible access control

A hacker's favourite (plaintext database credentials sitting in an application config):
mysql:database:populate my-db: username= production-robot, password= D3d*9!xs3#fkd5fSDvu%34qsocv3, privileges = SELECT,INSERT,UPDATE,DELETE, schemafile = /usr/share/my-db/schema/mysql.sql, DANGER! DANGER!

Security trends under the new normal: According to the report, phishing remains the top form of social-driven breach and “schemes are increasingly sophisticated and malicious” as remote work surges. Meanwhile, the use of stolen credentials by external actors is on a meteoric rise. More than 80% of breaches tied to hacking (the number one threat action) involve the use of lost or stolen credentials or brute force. While these findings are not new or surprising, the DBIR reminds us that attackers nearly always take the path of least resistance by using this tried-and-true a
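The "hacker's favourite" above is an application config with a literal database password in it. As an added example (not code from the deck or from CyberArk), the scanner below flags such plaintext secret literals in key=value style config text and ignores values that are only references to a vault or environment variable; the sample config, the key list and the `${VAULT:...}` reference syntax are all constructed for illustration.

```python
import os
import re

# Constructed sample mirroring the deck's config fragment (not a real system).
SAMPLE_CONFIG = """\
mysql:database:populate my-db:
  username = production-robot
  password = D3d*9!xs3#fkd5fSDvu%34qsocv3
  privileges = SELECT,INSERT,UPDATE,DELETE
  schemafile = /usr/share/my-db/schema/mysql.sql
"""

# Hardened form: the file holds only a reference; the vault/agent injects the value.
HARDENED_CONFIG = SAMPLE_CONFIG.replace(
    "D3d*9!xs3#fkd5fSDvu%34qsocv3", "${VAULT:my-db/production-robot}"
)

# Key fragments whose values should never be literals in a config file (assumed list).
SECRET_KEYS = ("password", "passwd", "pwd", "secret", "token", "api_key")

# A value is a reference, not a secret, if it looks like ${VAULT:...} or $ENV_VAR.
REFERENCE_PATTERN = re.compile(r"^\$\{?[A-Za-z_][A-Za-z0-9_:./-]*\}?$")

# key = value  /  key: value, with an optional trailing comma as in the deck's snippet.
KEY_VALUE = re.compile(r"^\s*(?P<key>[A-Za-z0-9_.-]+)\s*[=:]\s*(?P<value>.+?)\s*,?\s*$")


def find_embedded_secrets(config_text):
    """Return (line_no, key) for every secret-looking key whose value is a literal."""
    findings = []
    for line_no, line in enumerate(config_text.splitlines(), start=1):
        m = KEY_VALUE.match(line)
        if not m:
            continue
        key, value = m.group("key"), m.group("value")
        if any(s in key.lower() for s in SECRET_KEYS) and not REFERENCE_PATTERN.match(value):
            findings.append((line_no, key))
    return findings


def load_db_password(env_var="MY_DB_PASSWORD"):
    """Runtime retrieval: the secret arrives via the environment from a vault/agent
    (env_var name is assumed), so it never has to live in the config file."""
    value = os.environ.get(env_var)
    if value is None:
        raise RuntimeError(f"credential {env_var} was not injected at runtime")
    return value


if __name__ == "__main__":
    print(find_embedded_secrets(SAMPLE_CONFIG))    # [(3, 'password')]
    print(find_embedded_secrets(HARDENED_CONFIG))  # []
```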