Bots Deployed With Access Privileges Might Come Back And Bite You

by Tim Sloane 0

 This blog in Finextra by Matt Middleton-Leal of CyberArk explains how helper Bots deployed in the enterprise to replace IT staff for some tasks, such as rebooting servers, can represent a significant threat to overall enterprise security:

“One of the ways in which the banks are streamlining processes is by adopting “bots”; applications which can perform pre-defined tasks faster, cheaper and more accurately than humans can. So, where an IT admin may be called on to regain operations, or resolve service, a bot could complete the same task automatically. It’s no surprise that IT tasks which were typically outsourced overseas – such as re-booting a server or allocating resources – are coming back to the UK in the form of bots to speed up response times and ensure resource goes towards higher value activities.

How bots could lead to breaches

Just like any human IT admin, however, the robots being used to complete these tasks need privileged accounts. These are valid credentials used to gain access to systems, providing elevated, non-restrictive access to the underlying platform that non-privileged user accounts don’t have access to.

Banks racing to introduce bots, without properly considering how to secure them, will open the institution up to new types of risks. If these privileged accounts were compromised, the attacker could move laterally through the bank’s infrastructure until they find the information (or funds!) they are looking for.”

Clearly credentials stored in Bots that are distributed across the enterprise would represent a growing security threat and a new attack vector for criminals. That said, as long as every Bot is implemented in a secure environment that risk can be managed. To lower the risk even further, perhaps Bot to Server communications can be further secured with cryptographic keys that are linked to specific IP addresses on the internal network, which would lower the chance that credentials are released into the wild or that commands sent from external locations would be obeyed.

Overview by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group

Read the full story here 

Featured Content