90% of organizations use Active Directory as their primary store for employee authentication, identity management, and access control. Any tampering with Active Directory can cause a devastating ripple effect across your identity infrastructure. By modifying Active Directory, attackers can get access to anything in the network. The SolarWinds attacks are another example of Active Directory’s dual role in protecting assets but also providing a launchpad for attackers at the same time. For many organizations, Active Directory is the Ring 0 of all your security; compromise it, and the attacker has the keys to the kingdom.
Source: https://www.helpnetsecurity.com/2021/01/19/rethinking-active-directory-security/