Password security is a major cause of concern for businesses, as the combination of loose and predictable practices with increasingly complex IT networks creates a potentially lucrative opportunity for cyber criminals. We’ll be revealing details of our investigation into how thousands of networks could be at risk due to easily accessible public breach data at this year’s UK CyberSecurity Summit on Tuesday 6 November.
To give you some background, just over two years ago, our SensePost research team released a tool called Ruler, which aims to exploit client-side Outlook features and gain remote network access. The tool proved to be devastating, but it required valid Windows Domain credentials in order to work.
However, this piqued our interest in the potential impact the tool could have in the real world. Our guess was that we’d be able to discover enough password public breach data dumps to be able to create a powerful Weapon of Mass Destruction. So we put it into action.
We extracted unique UK domain names from a small breach dump and scanned the Internet for publicly accessible Outlook Web Access servers corresponding to those domains. Then, factoring in the probability of passwords being reused between two sites, we estimated that about 0.05% of the domains we discovered in the breach data could be compromised using Ruler.
That equated to nearly 900 businesses in the UK alone, which inspired to revisit that research, refresh it and perform it on a wider scale to answer one simple question: How easy is it to get valid Windows Domain credentials from public breach data and how useful is it if you do?
The answer poses a serious threat to thousands of UK businesses. Find out more about the general state of password security and how to defend your network by attending SecureData’s annual UK CyberSecurity Summit event, on Tuesday 6 November.
The event will offer insight into the latest threats and vulnerabilities facing UK businesses amid an ever-evolving security landscape. We’ll also be revealing the results of an attack we carried out on our own systems at the event, as we uncover the results of a series of investigations carried out by SensePost.
Click here to book your place at UK CyberSecurity Summit, at IET, Savoy Place in London on Tuesday 6 November