What is a privilege escalation attack?
A privilege escalation attack is a cyber-attack in which a hacker somehow gains access to an employee’s account and grants himself access to privileged or classified information without going through proper authorization channels.
What are the two types of privilege escalation?
There are two common types of privilege escalation attacks, The first type is vertical privilege escalation – in these attacks, the hacker’s goal is to access the account of a certain individual and perform actions as them. Typically, the attacker’s goal is to get access to the information that the user has access to or to further spread the attack. The second type of attack is horizontal privilege escalation. In this attack, the scammer first gains access to an account and then exploits the loopholes in operating systems, networks and applications to elevate the permissions that the account has, therefore giving it access to more information, etc.
What can I do to prevent privilege escalation attacks?
When it comes to cybersecurity, your employees will always be the biggest liability and the most significant weakness. Luckily, effective security awareness training can help with this. Hackcontrol provides high-quality employee training to its customers to prevent privilege escalation and other cyber attacks. Additionally, it’s important to implement proper security protocols and procedures for monitoring account modification requests and using an Intrusion Prevention System in your company.
Frequently asked questions about privilege escalation
What are some examples of privilege escalation attacks?
One common example of a privilege escalation attack are emails that appear to come from banks or other services asking you to click on the link and log in to prevent your account from getting deactivated. Other attacks also use Windows sticky keys, Android Metasploit, Windows Sysinternals and other methods to steal access to user accounts.
What to do in case of a privilege escalation attack?
If you discover that you or your employee has been a victim of a privilege escalation attack, the first thing to do is to change the password on the affected account and disable the account. Then, check the system and detect any other accounts that exhibit abnormal behavior and change the passwords to all the accounts that have been accessed from the same device as the first affected account.