Cyber Hygiene – Addressing Authentication in Active Directory

Microsoft’s Active Directory (AD) service is rife with potential risk factors providing threat actors with multiple avenues of exploitation. The cybersecurity firm Mandiant reported that 90 percent of the breaches they surveyed exploited AD vulnerabilities. Topping the list of fixable AD vulnerabilities is inadequate authentication security. One of the most pervasive issues is corporate applications allowing users anonymous access to AD. “With anonymous access to AD enabled, intruders who access your corporate network can query Active Directory for resources without adequately authenticating,” according to Sean Deuby, Director of Services at the cybersecurity firm Semperis. Another risk from poor authentication security is the Zerologon vulnerability, which allows attackers to forge an authentication token and seize domain admin privileges. Additionally, poor password management can exacerbate AD vulnerabilities. Easily guessable passwords and password reuse leaves users more exposed to AD exploitation. In sum, updating the security gaps in your organization’s AD service will greatly improve your cyber resiliency. Read more at Infosecurity Magazine.