PAW is a blueprint to prevent Active Directory domain compromise by Mimikatz. A local admin or cached credential would work as well, but I am 100% sure the system is BitLocker protected.
I am not 100% sure that they are encrypted. Note that I do work in IT and it would be standard practice to encrypt, and a really really dumb idea not to, but keep in mind how stupid these people are. Hunter having an unencrypted laptop with so much bad shit on it. Voting machines with databases that don't even have password protection. Terminals left logged in, at DC offices with the evacuate alert still open on the screen. These people communicating over technology that they know is being logged by the NSA. It honestly wouldn't surprise me if the hard drives are completely unencrypted, going against all standard IT practices in the book.
Without a doubt BitLocker. But it would be incredibly stupid to store anything of value on those machines, even with BitLocker. Security in depth. That is not a SIPR machine, so anything of value should be on a separate domain accessible through secure VPN or something.
Those hard drives are useless without the keys to unlock them... unless we happen to get someone from Microsoft here willing to use the BitLocker source code to create a hack for us... and even then that assumes that the encryption isn't one of those RSA algorithms that's basically a one way hash...
They HAVE TO BE ALL encrypted with Microsoft BitLocker. Have to be. Seriously, if not, their IT people are fucked up.
More than likely they use those machines as a 'PAW' (Privileged Access Workstation) to get into the actual system. In other words, a dumb terminal.
I bet her passwords were stickied to the underside of her keyboard though.
Let's hope someone got the data onto a USB stick, or were otherwise able to decrypt the drive.