StateTech Magazine reports that a recent hack of the U.S. Treasury Department involving a compromised API key has spotlighted the growing cybersecurity threat posed by nonhuman identities, according to a new report from Delinea.
These digital accounts, used by applications, APIs, and services, often hold privileged access and are largely unmanaged, making them attractive targets for bad actors. Delinea estimates there are 46 nonhuman identities for every human one, and these accounts often lack routine oversight, such as credential rotation or multifactor authentication. "The impact of compromising a nonhuman identity can be far more severe than that of a human identity," warned Pierre Mouallem, Delinea's CISO. With government systems increasingly relying on machine-to-machine communication, nonhuman identities have become a significant attack surface, especially as AI agents proliferate. Experts recommend adopting identity lifecycle management, anomaly detection, and least-privilege access for these entities. Tools from vendors like Delinea can help IT teams monitor usage and enforce access policies, even across constrained government environments.
These digital accounts, used by applications, APIs, and services, often hold privileged access and are largely unmanaged, making them attractive targets for bad actors. Delinea estimates there are 46 nonhuman identities for every human one, and these accounts often lack routine oversight, such as credential rotation or multifactor authentication. "The impact of compromising a nonhuman identity can be far more severe than that of a human identity," warned Pierre Mouallem, Delinea's CISO. With government systems increasingly relying on machine-to-machine communication, nonhuman identities have become a significant attack surface, especially as AI agents proliferate. Experts recommend adopting identity lifecycle management, anomaly detection, and least-privilege access for these entities. Tools from vendors like Delinea can help IT teams monitor usage and enforce access policies, even across constrained government environments.
