Start Simple To Minimise Your Attack Vectors
Published on 06/01/2021
Cyber Security is becoming a major issue for organisations across the globe and according to a recent report by Positive Technologies, many businesses are still not implementing necessary basic security controls. This enables opportunistic attackers to breach their targets by exploiting simple vulnerabilities such as out of date patches, simple passwords and using automated hacking tools and scripts.
According to Positive Technologies report, ‘Penetration testing of corporate information systems External Pentest results 2020’, in 20 out of 28 Penetration Testing contracts (71%), its red team testers were able to breach their targets defences using tools and scripts readily available to inexperienced malicious actors.
It was found that bugs in web applications where patches were available, yet not applied were a particularly easy way to breach the networks. In 77% of the cases, web application vulnerabilities and configuration flaws allowed the red team to easily breach their limited defences.
Unfortunately for the organisations being breached, it wasn’t obscure, easily overlooked flaws which were exploited by the testers. Around 60% of the web application holes were deemed critical, whilst another 11% were deemed high risk vulnerabilities which should have been patched urgently.
The second most common method of breaching defences involved weak login credentials, with the red team able to brute force passwords for database management.
Finally, in 68% of the trials, it was discovered that the infiltrator would only have to take one or two steps beyond gaining an initial foothold to command full internal network access.
It is often the case that only the simplest of steps are required to sure up your organisation’s defences. In these instances, following a few simple steps would have been effective to deter opportunistic attackers and enhance your defences against those actively targeting your organisation.
Ensuring you have installed the latest updates to your operating system and applications is essential as these updates include important patches to known vulnerabilities and exploits. Without them you are open to attack as malicious individuals develop exploits which target the vulnerabilities the latest patch fixed. Therefore, users who have not yet patched their systems following an update are at risk.
Using strong passwords is vital not only to your organisation's security, but to the security of any account you have set up. The NCSC advocate using memorable, three-word phrases as passwords which include a combination of upper and lower case letters, numbers and symbols as this makes them much harder to crack. #thinkrandom https://www.ncsc.gov.uk/blog-post/three-random-words-or-thinkrandom-0
Using a password manager to store your passwords in a secure location and ensuring you don’t reuse passwords for multiple accounts will also increase your security posture.
In addition, we recommend visiting haveibeenpwned.com to see if your login credentials have been compromised for any of the accounts you hold, then changing passwords for any of the accounts which appear on the list.
Ensuring all employees have their own personal login credentials ensures that each employee only has access to the technology and area of your network they require to perform their role.
Segregating your network means that in the event a malicious individual was able to breach your defences, their lateral movement would be restricted, as would the damage and disruption they would be able to cause.
Setting privileges also ensures that employees can only access the company data they need, preventing unauthorised access to company computers, account and data, reducing the likelihood of breaches from within.
Strong security hygiene and strengthening your defences against cyber threats begins with strong foundations. Implementing the basics and performing Penetration testing every year and after each major version change or upgrade, to ensure any weaknesses are identified and can be remediated before they can be exploited. SES would also recommend performing regular Vulnerability Assessments in addition to Penetration Testing to regularly examine your systems for known vulnerabilities.
If you are interested in finding out more about how SES can help improve your organisation's security posture, please get in touch.
© SES Secure Limited and ses-escrow.co.uk, 2021. Unauthorised use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to SES Secure Limited and ses-escrow.co.uk, with appropriate and specific direction to the original content.