Removing User Admin Rights Could Have Prevented IMF Cyber-Attack

By Avecto Ltd, PRNE
Sunday, June 26, 2011

BOSTON and MANCHESTER, England, June 27, 2011 -

Avecto Ltd, the leader in Windows privilege management, today
revealed how removing user admin rights, through a policy of ‘least
privilege’, could have prevented the recent cyber-attack on the IMF

Whilst very few details of the major cyber-attack on the IMF
systems earlier this month have been released, it is highly likely
that end user activity unknowingly played a key role in the event.
It appears that the attack aimed to install software on the system
to create a ‘digital insider presence’ and took place over a period
of months. The hack used a technique known as ’spear phishing’
which tricks users into clicking on web links in their emails or
opening and running programs that give access to the users

Despite an e-mail from IMF chief information officer, Jonathan
, warning of increased phishing activity, employees
unwittingly continued to access malicious web links through
unsolicited or spoof emails, which set the attack in motion.

Preventing users from making unwanted desktop changes without
restricting them from performing their job function continues to be
a serious challenge for almost all organizations. Striking a
balance between providing users with a degree of control over their
desktop configuration and protecting the standard desktop build is
difficult, as this control often results in granting admin rights
to a user.

Mark Austin, chief technology officer at Avecto comments, “In a
connected age, it is almost impossible for large corporations to
police all web and email activity, opting in many instances to
trust users to be more vigilant and take the right course of
action. The nature of an automation attack relies on someone,
somewhere, making the wrong decision and opening the doorway for
attackers. However, by moving to a least privilege desktop,
corporations can significantly reduce their attack surface whilst
maintaining the level of flexibility that users require to perform
their roles.”

Additionally, data extracted from Microsoft’s vulnerability
reports confirm that the removal of admin rights from Windows users
is a mitigating factor for over 90% of critical

Avecto’s Privilege Guard enables organizations to empower users
through a policy of ‘least privilege’, which ensures they remain
productive wherever they are, without impacting the security
posture of corporate systems.

About Avecto

Avecto is the leader in Windows privilege management, helping
organizations to deploy secure and compliant desktops and servers.
With its award winning Privilege Guard technology, organizations
can now empower all Windows based desktop and server users with the
privileges they require to perform their roles, without
compromising the integrity and security of their systems.

Customers of all sizes rely on Avecto to reduce operating
expenses and strengthen security across their Windows based
environments. Our mission is to enable our customers to lower
operating costs and improve system security by implementing least
privilege. Avecto is building a worldwide channel of partners and
system integrators and is headquartered in Manchester, UK with key
regional offices in Andover, MA and Rotterdam, Netherlands. For
more information, visit href="">

Press Contact: Donna Shaw - Avecto Ltd - href=""> ,
Tel: +44(0)845-519-0114


will not be displayed