Today, advanced cyber attacks launched by nation-states and criminal organizations depend on an inventory of exploits – known as zero-day attacks – to overcome the perimeter security of a network. These zero-days have an inherent financial value based on their capabilities. The more powerful, quiet and unique the zero-day, the more expensive it is to purchase.
In most attacks, the least cost zero-day is used to break into an organization. From there, software is installed to extract privileged credentials (i.e. passwords, SSH keys, hashes, Kerberos tickets, certificates) from the exploited machine. These credentials are then leveraged to move laterally throughout the network.
Since most organizations rarely, if ever, change their privileged account credentials, the attackers can nest for hundreds of days while expanding their access. The key to this attack is that the zero-day is only used once. Therefore it retains its value, since the attackers are able to move on by leveraging the stolen credentials.
Burn Down the Value of Zero-Day Exploits
This week at RSA Conference 2015 Lieberman Software is exhibiting technology to automatically invalidate credentials stolen by zero-days. In doing so, cyber attackers are forced to continuously launch zero-day attacks on every system. That’s because the attempt to steal credentials and move laterally from system to system is thwarted.
The term “burn baby burn” refers to the fact that nation states and criminals hackers who attack our customers see a fast burn down in the value of zero-day exploits. Essentially, we “burn down” the value of the zero-day due to overuse, and compel the attackers to back off. (See this SC Magazine article for more information on this concept).
Lieberman Software is exhibiting this capability at RSA Conference 2015 in booths N3334 and S1523. Stop by and learn more.
By Philip Lieberman, President and CEO, Lieberman Software
Mr. Lieberman is an astute entrepreneur able to perceive shortcomings in the cyber security market, and fill those gaps with innovative solutions. He developed the first products for the privileged identity management space, and continues to introduce new solutions for this burgeoning security field.