Security coalition finds average firm running 3 to 4 privileged accounts for each worker.
Companies are underestimating the threat from privileged user accounts, according to a report from a coalition of security firms.
Between 80% and 100% of serious security incidents involved privileged accounts in some capacity, and the average company was found to be running three to four times as many privileged accounts as it had workers, increasing the risk of breach.
Udi Mokady, chief executive of CyberArk, which led the report, said: "What the research discovered was the exploitation of privileged accounts occurs in almost every targeted attack, and is the primary reason why attacks are so hard to discover and stop.
"These accounts empower attackers to access secure networks and databases, destroy breach evidence, avoid detection and establish backdoors that make it nearly impossible to dislodge them from networks."
The coalition found that the average attack had been under way for more than 200 days before it was detected, with some attacks remaining hidden for as long as 7 years.
Hackers can gain control of privileged accounts through a variety of means, either by phishing for the login details of a high-ranking worker, or by exploiting a software bug to assign greater privileges to an account already under their control.