Shedding light on the threat posed by shadow admins - Help Net Security

Shedding light on the threat posed by shadow admins - Help Net Security

Few organizations would purposefully hand a huge responsibility to a junior staff member before letting them fly solo on their own personal projects, but that’s effectively what happens inside too many corporate networks: organizations delegate specific administrative access to user accounts so they can do a particular privileged task, and they promptly forget about it. These “shadow admin” accounts often get ignored by everyone except attackers and threat actors, for whom they are valuable targets.



Shadow admins pose a threat to organizations because these accounts have privileged access to perform limited administrative functions on Active Directory objects. AD administrators can delegate administrative privileges to reset passwords, create and delete accounts, or other tasks.


The danger is that these can slip off the radar, meaning they often operate without the security team’s ..

Support the originator by clicking the read the rest link below.