AD is protected by information security teams in every organization since it is necessary for many sensitive processes like credentialing, authentication, and network access. Moreover, AD is needed each time users, apps, Internet of Things devices, and other crucial network connections link to an enterprise’s systems. Hackers always aim for an active directory since they are aware of this. Businesses must so follow the best practices for active directories.
One instance of a serious AD breach is the healthcare.gov hack from 2018. Attackers may access the database and reveal over 75,000 files containing personally identifiable information (PII) by using credentials that they had stolen.
Another instance is when hackers broke into the Saudi Arabian office network of Virgin Mobile, taking control of the organization’s email system and Active Directory domain controller, and then selling the stolen data on the dark web.