SaaS applications create open goal for attackers

02 October 2024

Increased use of SaaS applications plus experimentation with LLMs and GenAI is creating an open goal for attackers in the form of unchecked machine identities, according to a new study from CyberArk.

Its research found that 47% of businesses expect their total number of machine identities to triple in the next year. While the creation of new identities is not inherently dangerous, CyberArk’s research suggests this trend is nevertheless leaving businesses vulnerable to attack, with almost half (49%) pinpointing machine identities as the riskiest form of identity.

AI relies heavily on machine identities to conduct automated processes that underpin software-based applications and systems. But businesses are developing AI without security in mind, leaving them without adequate controls around machine identities, which often have sensitive or privileged access. This makes them prime targets for cyberattacks, yet according to CyberArk’s study, 61% of organisations still define a privileged user solely as a human – despite acknowledging the risk machine identities pose. If not adequately protected and managed, these identities grant cyberattackers the freedom to conduct devastating breaches once they have obtained the relevant credentials.

Despite the SolarWinds attack in 2020, where attackers exploited machine identities to deliver malicious software updates, triggering huge financial losses and disruption, businesses are yet to address the risk of machine identity compromise, even with the explosive growth of these identities within enterprises. 30% cite machine identities as the number one driver for identity growth across their organisation, while in two thirds (68%) of businesses, up to half of all machine identities have access to sensitive data, showing how pervasive they have become in day-to-day operations.

“We need to start talking about machine identities. Right now, businesses are turning a blind eye to one of the most dangerous threats they face”, said Rich Turner, president, EMEA at CyberArk. “That innate, emotive and traditional desire we have to protect the human users and their identities is unquestionably important, but machine identities are just as valuable to attackers, and need to be understood and protected to the same extent. To truly safeguard your digital infrastructure, you need to recognise that - in certain circumstances, and particularly through an attacker’s lens - all identities, whether human or non-human, have the potential to be privileged and therefore require the right level of privilege controls. Prioritising robust security hygiene, such as continuous monitoring and management of machine credentials, isn’t just a task to check off — it’s a critical strategic move. Failing to do this now could lead to serious issues down the line, so it’s imperative that businesses take action.”