The US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have revealed that a worrying number of seemingly obvious cybersecurity regulations are not being followed by many companies.
The organizations recently held a red-blue team exercise to identify the biggest security mistakes companies are making today, with the use of default credentials in software, systems and applications being the biggest mistake leading to cyber attacks.
Many of the tools and services that companies purchase for their operations come with pre-installed credentials. These factory defaults are only intended to be used during initial setup and should be replaced with stronger, unique credentials as soon as possible. However, many IT teams ignore this step and leave their endpoints with credentials known to hackers and other threat actors.
Safe by design
In addition to the default login settings, other major flaws include “improper separation of user and administrator rights” and “insufficient network monitoring.” In other words, IT teams often grant administrative privileges to low-level accounts for no apparent reason, and when those accounts are compromised, it becomes nearly impossible for IT teams to identify a malicious entity on their premises.
“Through the analysis of live and nested AD groups, a malicious actor may find a user account that has been granted account privileges that exceed their need-to-know or least-privilege role,” the advisory reads. “[...] easy avenues for unauthorized access to data and resources and escalation of privilege in the targeted domain.”
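The same nested-group analysis can be run by defenders as an audit. The sketch below is an added example, not code from the advisory or this article: it walks a constructed group export (all group and user names are hypothetical) and reports every account that reaches a privileged group only through nesting, together with the chain that grants it.

```python
from collections import deque

# Constructed sample: group -> direct members (users or other groups).
# All names are hypothetical, standing in for an AD group export.
MEMBERS = {
    "Domain Admins": ["alice", "Server Operators-EU"],
    "Server Operators-EU": ["bob", "Helpdesk-Tier1"],
    "Helpdesk-Tier1": ["carol", "dave", "Contractors"],
    "Contractors": ["erin", "Helpdesk-Tier1"],  # circular nesting
    "Staff": ["carol", "frank"],
}
PRIVILEGED = ["Domain Admins"]

def effective_members(group, members=MEMBERS):
    """Return {user: nesting path} for every user who ends up in `group`."""
    paths = {}
    seen = {group}
    queue = deque([(group, [group])])
    while queue:
        current, path = queue.popleft()
        for m in members.get(current, []):
            if m in members:          # nested group
                if m not in seen:     # guard against circular nesting
                    seen.add(m)
                    queue.append((m, path + [m]))
            elif m not in paths:      # user; BFS finds the shortest chain first
                paths[m] = path
    return paths

def indirect_admins(privileged=PRIVILEGED, members=MEMBERS):
    """Users who hold a privileged group only via nesting (chain longer than 1)."""
    findings = {}
    for g in privileged:
        for user, path in effective_members(g, members).items():
            if len(path) > 1:
                findings[user] = " -> ".join(path)
    return findings

if __name__ == "__main__":
    for user, path in sorted(indirect_admins().items()):
        print(f"{user}: {path}")
```

Each reported chain is a candidate for review against the account's actual role; direct members such as `alice` are excluded because they are visible without resolving nesting.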
When it comes to network monitoring, organizations are dropping the ball in many ways, including not properly setting up various sensors to collect traffic and logs from the end host, it said.
Furthermore, CISA and the NSA appear to be shifting some of the blame to the developers who build these products, urging manufacturers to incorporate secure-by-design and secure-by-default principles into the development cycle.
“By ensuring that software is secure by design, we can keep every organization and every American more secure,” CISA said in announcing the advisory. “We know that neither government nor industry can solve this problem alone, we must work together. We continue to call on every software company to commit to secure-by-design principles and take that crucial next step: publishing a roadmap outlining their plan to create products that are secure ‘out of the box’ by their design.”
Via The Register