Computer and Networking Shortcuts Create Vulnerabilities

Most victims of cyber-crime created the vulnerabilities that allowed their computer, network, email account, website, or other service get hijacked.  In many cases, especially in the consumer or small business networking environments, they just don’t know what to do, or what to be looking for.  But even in business network environments where IT professionals have been in charge of operations, decisions are made with a view to providing user convenience instead of user security.

Here’s a list from RSA 2019 keynote speaker and cybersecurity researcher Paula Januszkiewicz of CQURE.

  • Passwords – Short and simple passwords that are reused or shared make it easier for an attacker to connect to a computer network.
  • Windows Firewall  – Misconfigured or disabled Windows or other endpoint firewalls can make it easier for an attacker to move laterally once on the network.
  • Flat networks – Simple, one layer networks may be easier to manage, but they are easier for an attacker to traverse, too.  Using VLANs and other network segmentation tools can help keep your network more secure.
  • Network Firewall – Make sure that rules are properly configured for network edge security devices such as firewalls, or IDS/IPS systems.
  • Application Whitelisting – Limit application installation to those programs that are approved for use on the network, and block user installation privileges to anything else.
  • SMB Signing – There are a ton of vulnerabilities that show up for Microsoft’s Server Message Block (SMB).  Generally firewall rules prevent using SMB from the Internet side, but SMB signing help block SMB exploits used by attackers already inside the network.
  • Old Protocols and Default Settings – Using protocols that are inherently insecure, such as telnet and file transfer protocol, or continuing to use deprecated security protocols such as SSL create opportunities for attackers.
  • Service Accounts and Privileged Accounts – Service accounts are  used by the operating system, and often have root or administrative permissions.  Passwords for service accounts are stored in the registry.  Administrative and other high privilege accounts need to be secured with long and strong passwords, and two-factor authentication when available.

Vulnerability scanning and penetration testing can help business owners and their IT staff to find weaknesses in their defenses.  Resist taking the easy path when configuring your network.

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Owner of the WyzCo Group Inc. In addition to consulting on security products and services, Bob also conducts security audits, compliance audits, vulnerability assessments and penetration tests. Bob also teaches Cybersecurity Awareness Training classes. Bob works as an instruction for CompTIA’s non-profit IT-Ready Program in the Twin Cities. IT-Ready is a tuition free 8-week program designed to teach students of all ages the fundamentals of IT support to prepare them for an entry level position in Information Technology Support. Graduates of the classes take the exams to become CompTIA A+ certified. Bob is a frequent speaker at conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. Bob has been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.