CISA Tips to Stopping Hackers: Poorly Implemented Security Controls

The easiest way hackers can infiltrate your network is through poorly implemented security controls. Despite the steps taken to protect your organization from attackers, one wrong move could spell disaster for your company. This is why it is important to identify where your weaknesses are and what you can do to fix them.

Luckily, the FBI and NSA, in cooperation with other global security organizations, have provided a list of commonly exploited weaknesses caused by failing to implement practical security controls. Here are some of the biggest mistakes you can make, according to the FBI and NSA.

You can read the full report from CISA here.

Multi-factor Authentication

MFA implementation is crucial to preventing Remote Desktop Protocol (RDP) takeovers by malicious outside users. By adding multiple forms of authentication, user and administrator accounts gain an extra layer of security that goes beyond a simple username and password. The most common mistake made with MFA is applying it only to certain accounts, such as lower-level accounts; CISA recommends not excluding “any user, particularly administrators, from an MFA requirement”.

Privileges and Permissions

Access control lists and rules are used to limit permissions and access to certain segments of an organization's network. When enforcing access control rules it is important to follow the “rule of least privilege”, meaning that users within an organization only have access to what they require to perform business operations. CISA notes that incorrectly applied privileges or permissions could allow unauthorized users to access objects they should not be able to reach. This could lead to breaches in the future.

Password Policy

Passwords are your first line of defense when it comes to securing the applications and accounts you use every day. Whether for personal use or within an organization, it is important to practice good password hygiene as well as follow the password policies put in place by administrators within your organization. Cyber criminals often use compromised login credentials to gain a foothold in your organization. To protect your network, passwords need to be unique, complex, and long enough (at least 8 characters) so that attackers cannot easily guess or crack them.
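As an added example (not code from the CISA alert or from this post), the three requirements in this section can be enforced at password-change time. The complexity rule (at least three of four character classes), the constructed list of known-compromised passwords, and the previous-password hashes are assumptions chosen for illustration.

```python
import hashlib
import re

MIN_LENGTH = 8  # the "at least 8 characters" requirement from the section above

# Constructed sample data, not from the CISA alert: a tiny stand-in for a
# breached-password list and the hashes of passwords this user already used.
KNOWN_COMPROMISED = {"password", "Password1", "Welcome123", "letmein"}


def sha256_hex(text: str) -> str:
    # Plain SHA-256 is fine for a reuse comparison of candidate passwords;
    # stored credentials themselves should use a slow hash such as bcrypt/argon2.
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


PREVIOUS_PASSWORD_HASHES = {sha256_hex("Summer2019!"), sha256_hex("Summer2020!")}


def check_password(candidate: str,
                   previous_hashes=PREVIOUS_PASSWORD_HASHES,
                   compromised=KNOWN_COMPROMISED) -> list:
    """Return a list of policy violations; an empty list means the password passes."""
    problems = []

    # Length: "long enough (at least 8 characters)".
    if len(candidate) < MIN_LENGTH:
        problems.append(f"too short: {len(candidate)} < {MIN_LENGTH} characters")

    # Complexity (assumed rule): at least three of the four character classes.
    classes = {
        "lowercase": re.search(r"[a-z]", candidate),
        "uppercase": re.search(r"[A-Z]", candidate),
        "digit": re.search(r"[0-9]", candidate),
        "symbol": re.search(r"[^A-Za-z0-9]", candidate),
    }
    missing = [name for name, hit in classes.items() if hit is None]
    if len(missing) > 1:
        problems.append("not complex enough: missing " + ", ".join(missing))

    # Uniqueness: reject passwords already known to be compromised
    # (case-insensitive) and passwords this user has used before.
    if candidate.lower() in {p.lower() for p in compromised}:
        problems.append("appears in a known-compromised password list")
    if sha256_hex(candidate) in previous_hashes:
        problems.append("reuses a previous password")

    return problems
```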

Open Ports and Public Facing Infrastructure

One of the most frequently exploited weaknesses is public-facing infrastructure that has not been adequately secured behind a firewall. This can come in the form of open ports or public-facing web servers. Cyber criminals often use scanning tools to uncover open ports and use them as a foothold for more sophisticated attacks.

Phishing Schemes

Phishing schemes can be carried out in various ways, the most common being email. These emails often contain links, Word documents, or Excel files with malicious macros that execute once opened by the user. While email filtering and endpoint detection tools can reduce the number of phishing attempts that get through, it is ultimately up to the user to recognize a potential attack and respond appropriately. The most effective way to educate your employees on how to detect and report phishing attempts is to make sure all users are up to date on their security awareness training.

Updating Policies

A common tactic used by bad actors is to exploit unpatched software or applications to access an organization's network. An unhealthy habit of some companies is delaying important security updates that provide fixes for the technologies you use every day. A firm updating policy is crucial to making sure vulnerabilities are patched before cyber criminals have an opportunity to use them for malicious purposes.

It’s important for every organization to take these warnings to heart and protect both their networks and their clients. Poorly implemented security controls can result in a lot of damage to your organization. You can read the official alert to learn more about what common mistakes you may be making in your cybersecurity plan.

CorpInfoTech (Corporate Information Technologies) provides small to mid-market organizations with expert I.T. services including compliance assessment, cybersecurity penetration tests, and comprehensive business continuity planning services. Corporate Information Technologies can help organizations quantify, create, refine, and mitigate the risks presented by business-threatening disasters in whatever form they may be disguised.
