The Cybersecurity and Infrastructure Security Agency (CISA) has updated its catalog of cybersecurity bad practices that organizations should eliminate.
Cyber threat actors do carry out highly sophisticated attacks to gain access to internal systems and sensitive files, but sophisticated tactics, techniques, and procedures are often not needed. The Bad Practices Catalog was created in July 2021 to raise awareness of some of the most egregious cybersecurity mistakes that allow attackers to succeed.
Many lists of cybersecurity best practices have been published, and while adopting those practices is essential, it is just as crucial that these bad practices are eliminated, particularly at organizations that support critical infrastructure or national critical functions (NCFs). These bad practices significantly increase the risk to the critical infrastructure relied upon for national security, economic stability, and life, health, and public safety.
When the Bad Practices Catalog was first published, it contained two entries. The first is the continued use of software that has reached end-of-life and is no longer supported by the vendor. Without support, no further patches are released to fix vulnerabilities, which cybercriminals can readily exploit to gain access to internal systems.
The second, and equally egregious, is the failure to change default credentials and passwords that are known to have been exposed in data breaches or otherwise compromised.
The most recent addition is the use of single-factor authentication for remote or administrative access to systems. Single-factor authentication means relying on a username and password alone to protect an account. Although this provides some level of protection, it is not sufficient to resist the brute-force attacks used by hackers. Any Internet-facing system should be protected with multi-factor authentication, which requires an additional authentication factor, beyond the password, before access to the account or system is granted.
A study by Google, together with the University of California San Diego and New York University, found that multi-factor authentication prevents 66% of targeted attacks, 99% of bulk phishing attacks, and 100% of automated bot attacks, while Microsoft Director of Identity Security Alex Weinert stated in a July 2019 blog post that multi-factor authentication blocks 99.9% of attacks on accounts.
CISA considers these practices exceptionally risky, especially when they apply to software and technologies that are accessible from the Internet. Although it is well known that these practices are dangerous, they remain widespread and frequently allow hackers to gain access to internal systems, steal sensitive data, and deploy ransomware.