Bit9 Sees A 150 Percent Increase In Targeted Domain Controller Attacks

Attackers, largely nation-states and cybercriminals, are targeting intellectual property

March 30, 2012


WALTHAM, Mass.—March 28, 2012 – Bit9, the global leader in Advanced Threat Protection, today announced it has seen a 150 percent increase in the number of attacks on domain controllers year-over-year. Attackers, largely nation states and cyber criminals, are targeting intellectual property (IP) on these servers—everything from chemical formulas and vaccines to military data, and reports on global economic conditions. Rather than directly attacking the servers that house the information, the attackers are specifically targeting the domain controllers to gain access to all systems within the company.

Servers as a whole have become such a target for cyber criminals and cyber espionage in the past year that the 2012 Verizon Data Breach Report gave its “Pwny award” to servers because 94 percent of all data compromised involved servers, up by 18 percent over the previous year.*1

“Domain controllers hold the keys to the kingdom,” said Harry Sverdlove, chief technology officer at Bit9. “Hackers target them because after stealing an organization’s user credentials, they can come and go from the network as they please, accessing business critical servers, Web servers, file servers, and any other resource in the network, including a company’s most critical asset: its IP.”

Because domain controllers store authentication information for everyone at an organization, they have become highly strategic targets for cybercriminals intent on stealing business-critical data and conducting protracted attacks. In less than 15 minutes, cybercriminals can break into domain controllers—also called Active Directory servers—to gain access to all user logins and passwords across an organization. While this information is typically encrypted, cybercriminals can use new tools available on the Internet, often for free, to reverse engineer large stores of passwords and credentials within minutes.

In a recent report, Gartner recommends using application control solutions to protect servers: “Use approaches rooted in application control as the cornerstone of your server protection strategy, not signature-based anti-malware.”*2

For more information on domain controllers, the following resources are available on Bit9’s Website:

View the Bit9 domain controller whiteboard video on how domain controllers are targeted and how to protect them.

Find out how the Bit9 Parity for Servers solution protects domain controllers.

Read how a Fortune 1000 technology company protects its servers from advanced persistent threats.

About Bit9

Bit9, the global leader in Advanced Threat Protection, protects the world’s intellectual property (IP) by providing innovative, trust-based security solutions to detect and prevent sophisticated malware and cyber threats. The world’s leading brands rely on Bit9’s award-winning Advanced Threat Protection Platform for endpoint protection and server security.
