How To Protect Against Privilege Escalation Attacks:

Create strong passwords and change them regularly. This simple action can lower the risk of privilege escalation attacks. If every administrator account has a strong password, hackers will struggle to take control of those accounts.

You can also protect against privilege escalation attacks by monitoring login requests. Hackers may gain access by performing a brute force attack, so watching login requests lets you see which users are attempting to log in, how many attempts they've made, and other potential indicators of compromise.
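One way to do this kind of login monitoring, as an added example that is not from the original post: it counts attempts per user and flags bursts of failures and a success that follows them. The OpenSSH-style log format, the threshold of 3 failures in 5 minutes, the `analyze` function and the sample lines are all assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in OpenSSH sshd syslog style (not real traffic).
SAMPLE_LOG = """\
2024-05-01T10:00:01 host sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
2024-05-01T10:00:03 host sshd[811]: Failed password for root from 203.0.113.7 port 40113 ssh2
2024-05-01T10:00:05 host sshd[811]: Failed password for root from 203.0.113.7 port 40114 ssh2
2024-05-01T10:00:08 host sshd[811]: Accepted password for root from 203.0.113.7 port 40115 ssh2
2024-05-01T10:02:00 host sshd[812]: Failed password for alice from 198.51.100.4 port 51000 ssh2
2024-05-01T10:02:10 host sshd[812]: Accepted password for alice from 198.51.100.4 port 51001 ssh2
2024-05-01T10:03:00 host sshd[813]: Failed password for invalid user oracle from 203.0.113.7 port 40200 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)

def analyze(log_text, threshold=3, window=timedelta(minutes=5)):
    """Return (attempts per user, alerts for failure bursts per user/source pair)."""
    attempts = defaultdict(lambda: {"failed": 0, "accepted": 0})
    recent = defaultdict(list)  # (user, src) -> timestamps of recent failures
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a password login event
        ts = datetime.fromisoformat(m["ts"])
        key = (m["user"], m["src"])
        # Drop failures that fell out of the sliding window.
        fails = recent[key] = [t for t in recent[key] if ts - t <= window]
        if m["result"] == "Failed":
            attempts[m["user"]]["failed"] += 1
            fails.append(ts)
            if len(fails) == threshold:  # alert once, when the threshold is reached
                alerts.append(("brute_force_suspected", *key, ts.isoformat()))
        else:
            attempts[m["user"]]["accepted"] += 1
            if len(fails) >= threshold:  # success right after a burst: likely compromise
                alerts.append(("success_after_failures", *key, ts.isoformat()))
            fails.clear()
    return dict(attempts), alerts

if __name__ == "__main__":
    counts, found = analyze(SAMPLE_LOG)
    print(counts)
    print(found)
```

A single mistyped password followed by a success, as for `alice` in the sample, raises no alert; the successful login after repeated failures on `root` is the event to investigate first.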

(1) Monitor for:

  1. Unusual DNS activity
  2. Antivirus/Endpoint alerts
  3. IDS/IPS alerts

(2) Activity preceding and following escalation attempts may produce detectable IOCs
(3) Investigate and clear all alerts associated with the impacted assets

Contact us with questions about how GuardSight can help defend critical assets against cybersecurity threats, improve cybersecurity posture, and reduce overall risk for your company.
