Preventing pass-the-hash and similar impersonation attacks in enterprise infrastructures
Preventing pass-the-hash and similar identity replays in enterprise infrastructures
Industrial espionage through complex cyber attacks such as Advanced Persistent Threats (APT) is an increasing risk in any business segment. Combining any available attack vector professional attackers infiltrate their targets progressively, e.g. through combining social engineering with technical hacking. The most relevant targets of APT are internal enterprise and production networks providing access to top-secret information. This work focuses on preventing Pass-the-Hash, one of the biggest and most long-standing security flaws present in enterprise domain networks. The introduced approach can be applied further to make password theft pointless for attackers in general, and is capable of extending network protocols, that are unprotected by themselves, with approved security mechanisms. T he protocols do not need to be modified and already existing network services can stay untouched when integrating the solution into enterprise infrastructures.