The simplicity and maliciousness of this one is pretty incredible... For those of you worried about the perimeter may need to spend more time looking inside...
NEWTON, Mass.--(BUSINESS WIRE)--Cyber-Ark, the privileged identity management specialists, says that the ongoing FiberWAN network lockout situation in San Francisco - where a network administrator has changed system passwords and is refusing to hand them over to administrators - could have been avoided if managers had operated a high-security approach to master passwords.
“This is yet another example of the power privileged identities, such as administrative passwords have and the havoc they can cause in the wrong hands,” said Adam Bosnian, a vice president at Cyber-Ark. “Hackers, or rogue employees such as this case, are savvier on how to create the most damage with the least effort these days, and the use of admin passwords does just that. Unfortunately, the San Francisco department left themselves wide-open by not taking their privileged identity management seriously.”
The San Francisco Chronicle reported Monday that Terry Childs, a discontent computer network administrator for the Department of Technology, tampered with the FiberWAN, which contains the San Francisco’s sensitive data, and created an administrative password that provided him access to the network. Childs refuses to give the elusive password to authorities, even after his arrest.
The city is estimating that this issue will cost millions in repairs. Though the network is running, there is still no way for IT administrators to access it.
“It is critical to take a more proactive approach to secure company back doors,” Bosnian adds, “Companies install complex systems for personal passwords and overlook the more numerous privileged passwords and identities that provide even more system access. These security breakdowns will continue to occur until these keys to the kingdom are securely centralized and managed.”
The San Francisco crisis follows numerous scandals within the last year such as the TJX disaster where millions of users’ data was compromised due to a breach involving administrative passwords.