‘Pass-the-hash’ or PtH is a type of cyber-attack that is completely invisible since it is not logged in any system and logs of the third parties including those that particularly log NTLM activity. Aorato, an Israeli security firm was told by Microsoft that it was a well-known issue.
It is shocking to know that nearly 95 percent of the companies (1000) are under the category of vulnerable people. The companies are getting more and more vulnerable to such attacks by misplacing their trust on Active Directory considering it to be the foundation stone for their IT infrastructure. Aorato suggests some external measures for risk mitigation that involve detecting the protocol anomalies related to authentication, keeping a vigil on clients’ unusual resource access, controlling the chances to steal away the NTLM hash or upgrading the latest patch on the systems.