
10 Common Cybersecurity Mistakes Your Organization is Making

The 10 most common ways attackers gain initial access are not all that hard to secure, according to a new CISA advisory.

May 23, 2022 Zachary Comeau

With more of the world relying on technology to connect and maintain business continuity over the last two years, malicious cyber actors have stepped up their game to exploit weaknesses in organizations’ IT infrastructure and conduct a broad range of attacks against both public and private entities.

However, network defenders and IT professionals can stop many of these attacks in their tracks by strengthening security controls, properly configuring systems and practicing good cybersecurity hygiene, according to a joint advisory from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and other cybersecurity agencies from the UK, Canada, New Zealand, and the Netherlands.

The advisory lays out 10 weaknesses that are commonly found during investigations into network breaches, including a lack of multi-factor authentication and other poor credential practices, misconfigured ports, poor access controls and other mistakes that can easily be avoided, much of which boils down to end user training and education.

For attackers, exploiting these weaknesses isn’t all that difficult, as much of the weakness comes from either user error or a poorly configured security infrastructure.

1. Multi-factor authentication is not enforced

For credential-stealing attacks, multi-factor authentication (MFA) is a tried and true method of keeping accounts secure, forcing anyone logging in to produce another form of authentication. Per the advisory, this is critically important for Remote Desktop Protocol, one of the most common infection vectors for ransomware. Administrator accounts especially should be configured with MFA.

2. Incorrectly applied privileges or permissions and errors with access control lists

Organizations should follow the principle of least privilege, which essentially means giving users just enough access to systems they need to do their job effectively. For example, a non-IT end user should not have administrator access, and should not be able to make changes to the organization’s IT infrastructure or move laterally.

3. Software is not up to date

When organizations don’t update software in a timely manner, they are opening themselves up to vulnerabilities in the software that were patched in the recent releases. Hackers are quick at leveraging newly discovered vulnerabilities once they are published, so admins need to be just as quick at patching their software.

4. Use of vendor-supplied default configurations or default credentials

A lot of the software and hardware an organization deploys comes out of the box with default usernames and passwords and overly permissive default configurations designed to make the products user-friendly, but those can lead to compromise if they aren’t reset and made more secure after deployment. This includes network devices, many of which use default administrator credentials to make setup easier, such as “admin” for both username and password. That, of course, is not hard to guess.

5. Unsecured remote services, such as a virtual private network

According to CISA, hackers have stepped up their attacks against remote services in recent years due to remote and hybrid work. Many of those services, including virtual private networks (VPN), need to be secured with MFA, a boundary firewall and intrusion detection systems.

6. Weak password policies

Enforcing strong password policies is one of the easiest ways organizations can help prevent cyberattacks, as hackers use a variety of different methods to gain initial access, including simply guessing passwords or using leaked passwords to try against a user’s other accounts. This is a common strategy when targeting RDP, according to CISA.

7. Unprotected and misconfigured cloud services

With organizations doing most of their work via the cloud these days, it’s important to make sure those services are properly configured and secured. Poor configurations can lead to data theft and cryptojacking, CISA says.

8. Open ports and misconfigured services exposed online

CISA calls this one of the most commonly exploited weaknesses, as malicious actors use scanning tools to find open ports to use as an initial access vector, with successful compromise potentially leading to gaining access to RDP and other high-risk services.

9. Poor email security

Phishing remains one of the most widely used attack methods, so organizations should deploy tools that block phishing attempts and scan attachments for malware before they are opened.

10. Poor endpoint detection and response

Hackers often use obfuscated malicious scripts and PowerShell attacks to bypass endpoint security controls, making it difficult for admins to detect attackers, according to CISA.

How to fix these issues?

CISA recommends controlling access and hardening policies, hardening credentials, keeping detailed logs, deploying antivirus and detection tools, and maintaining a patch management program, among other steps. Read the advisory for more information.
