My TechDecisions


10 Common Cybersecurity Mistakes Your Organization is Making

The 10 most common ways attackers gain initial access are not all that hard to secure, according to new CISA advisory.

May 23, 2022 Zachary Comeau


With more of the world relying on technology to connect and maintain business continuity over the last two years, malicious cyber actors have stepped up their game to exploit weaknesses in organizations’ IT infrastructure and conduct a broad range of attacks against both public and private entities.

However, network defenders and IT professionals can stop many of these attacks in their tracks by strengthening security controls, properly configuring systems and practicing good cybersecurity hygiene, according to a joint advisory from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and other cybersecurity agencies from the UK, Canada, New Zealand, and the Netherlands.

The advisory lays out 10 weaknesses that are commonly found during investigations into network breaches, including a lack of multi-factor authentication and other poor credential practices, misconfigured ports, poor access controls and other mistakes that can easily be avoided, much of which boils down to end user training and education.

For attackers, exploiting these weaknesses isn’t all that difficult, as much of the weakness comes from either user error or a poorly configured security infrastructure.

1. Multi-factor authentication is not enforced

For credential-stealing attacks, multi-factor authentication (MFA) is a tried and true method of keeping accounts secure, forcing anyone logging in to produce another form of authentication. Per the advisory, this is critically important for Remote Desktop Protocol (RDP), one of the most common infection vectors for ransomware. Administrator accounts especially should be configured with MFA.

2. Incorrectly applied privileges or permissions and errors with access control lists

Organizations should follow the principle of least privilege, which essentially means giving users just enough access to systems they need to do their job effectively. For example, a non-IT end user should not have administrator access, and should not be able to make changes to the organization’s IT infrastructure or move laterally.

3. Software is not up to date

When organizations don’t update software in a timely manner, they are opening themselves up to vulnerabilities in the software that were patched in the recent releases. Hackers are quick at leveraging newly discovered vulnerabilities once they are published, so admins need to be just as quick at patching their software.

4. Use of vendor-supplied default configurations or default credentials

A lot of the software and hardware an organization deploys comes out of the box with default usernames and passwords and overly permissive default configurations designed to make the products user-friendly, but those can lead to compromise if they aren’t reset and made more secure after deployment. This includes network devices, many of which use default administrator credentials to make setup easier, such as “admin” for both username and password. That, of course, is not hard to guess.

5. Unsecured remote services, such as a virtual private network

According to CISA, hackers have stepped up their attacks against remote services in recent years due to remote and hybrid work. Many of those services, including virtual private networks (VPN), need to be secured with MFA, a boundary firewall and intrusion detection systems.

6. Weak password policies

Enforcing strong password policies is one of the easiest ways organizations can help prevent cyberattacks, as hackers use a variety of different methods to gain initial access, including simply guessing passwords or using leaked passwords to try against a user’s other accounts. This is a common strategy when targeting RDP, according to CISA.

7. Unprotected and misconfigured cloud services

With organizations doing most of their work via the cloud these days, it’s important to make sure those services are properly configured and secured. Poor configurations can lead to data theft and cryptojacking, CISA says.

8. Open ports and misconfigured services exposed online

CISA calls this one of the most commonly exploited weaknesses, as malicious actors use scanning tools to find open ports to use as an initial access vector, with successful compromise potentially leading to gaining access to RDP and other high-risk services.

9. Poor email security

Phishing remains one of the most widely used attack methods, so organizations should deploy tools that block phishing attempts and scan attachments for malware before they are opened.

10. Poor endpoint detection and response

Hackers often use obfuscated malicious scripts and PowerShell attacks to bypass endpoint security controls, making it difficult for admins to detect attackers, according to CISA.

How to fix these issues?

CISA recommends controlling access and hardening policies, hardening credentials, keeping detailed logs, deploying antivirus and detection tools, and maintaining a patch management program, among other steps. Read the advisory for more information.
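To make the logging recommendation concrete for item 6 (password guessing against RDP), here is an added detection sketch; it is not from the article or the CISA advisory. It assumes Windows Security events have already been exported to a simple comma-separated form; the sample lines, the field order, the 10-minute window and the threshold of 5 are all constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: time, event ID, logon type, source IP, account.
# 4625 = failed logon, 4624 = successful logon; type 10 = RemoteInteractive (RDP),
# type 3 = network logon (what RDP with NLA typically records for a failure).
SAMPLE_LOG = """\
2022-05-23T09:00:01,4625,3,203.0.113.7,admin
2022-05-23T09:00:04,4625,3,203.0.113.7,admin
2022-05-23T09:00:09,4625,3,203.0.113.7,admin
2022-05-23T09:00:15,4625,3,203.0.113.7,admin
2022-05-23T09:00:21,4625,3,203.0.113.7,admin
2022-05-23T09:00:30,4624,10,203.0.113.7,admin
2022-05-23T09:05:00,4625,3,198.51.100.9,alice
2022-05-23T09:05:02,4625,3,198.51.100.9,bob
2022-05-23T09:05:04,4625,3,198.51.100.9,carol
2022-05-23T09:05:06,4625,3,198.51.100.9,dave
2022-05-23T09:05:08,4625,3,198.51.100.9,erin
2022-05-23T10:00:00,4625,10,192.0.2.15,frank
2022-05-23T14:00:00,4625,10,192.0.2.15,frank
"""

def parse(log):
    for line in log.strip().splitlines():
        ts, event_id, logon_type, ip, user = line.split(",")
        yield datetime.fromisoformat(ts), int(event_id), int(logon_type), ip, user

def detect_guessing(log, window=timedelta(minutes=10), threshold=5):
    """Return {source_ip: finding} for IPs with >= threshold failures in window."""
    failures = defaultdict(list)   # ip -> [(time, user)] still inside the window
    findings = {}
    for ts, event_id, logon_type, ip, user in sorted(parse(log)):
        if logon_type not in (3, 10):
            continue
        recent = [(t, u) for t, u in failures[ip] if ts - t <= window]
        if event_id == 4625:
            recent.append((ts, user))
            if len(recent) >= threshold:
                users = {u for _, u in recent}
                kind = "password spraying" if len(users) >= threshold else "brute force"
                findings.setdefault(ip, {"kind": kind, "compromised": None})
        elif event_id == 4624 and ip in findings and recent:
            # Success right after a burst of failures: treat the account as compromised.
            findings[ip]["compromised"] = user
        failures[ip] = recent
    return findings
```

A finding with a non-empty `compromised` field is the one to escalate first, since it means the guessing was followed by a successful logon from the same source.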


© 2022 Emerald X, LLC. All rights reserved.