Despite the considerable budget and resources most companies dedicate to protecting their networks from security breaches, most cyber attackers continue to exploit a handful of common vulnerabilities. It can be frustrating to realize hackers are introducing complex threats every day, yet these common security problems are the ones the bad guys will look for – and often find – first. A Dark Reading article recently highlighted seven of the most common root causes. Don’t forget about them.
One popular attack vector involves developers failing to validate input on new code. For example, software that is not fully tested prior to deployment is vulnerable to injection. Of course, testing is critical when deploying apps and software, but often companies lack the tools and resources to be thorough, especially when it comes to security implications. In order to support aggressive testing protocols, developers should consult IT and security professionals who can help change behavior and implement the most effective processes prior to launching the code.
When exposed, source code presents another popular attack vector, one that is instrumental to hackers as it makes it easy for them to find and exploit weaknesses with minimal effort.
But source code is always protected, right? You might think this is true. But a 2014 Business Insider article pointed out an example where Facebook engineers had published source code information on Pastebin, a platform for storing and sharing text. This gave any hacker a vivid snapshot of Facebook’s digital world and the information stored within it. More recently, Yahoo was found to have used a weak algorithm to generate session cookies. This enabled hackers to bypass password protection and gain information while posing as legitimate users.
Distributed denial of service (DDoS) attacks most often prey on users who employ default usernames and passwords. The risk is only increasing as the bring your own device (BYOD) trend becomes more popular in office environments.
Employees rarely demonstrate the same discipline with their personal devices that corporate environments normally require, such as changing network passwords on a monthly or quarterly basis. Having the same password on multiple devices for long periods of time means that when a hacker accesses one, he or she has access to them all. Requiring complex passwords and frequent updates will help maximize protection.
Not having a proper patching strategy can leave your organization wide open to attack. Failing to apply patches issued by your software vendors exposes a known flaw that can be exploited by an attacker and result in a data breach. Software updates should be a priority.
It is no surprise that phishing emails and social engineering continue to be a significant issue for businesses. Despite efforts to educate employees, incidents of ransomware continue to skyrocket. But education is no less critical. Educate your users to recognize suspicious content and make them aware of known schemes immediately. And as mentioned before, encourage users to employ strong passwords to protect their accounts, at work and at home.
A common problem exposed in several data breaches last year involved data exfiltration. It is critical to ensure outbound data has a trusted destination and that the transfer is secure and closely monitored. Unsanctioned traffic is at a high risk of going to a system with a low or non-existent reputation. Expect data exfiltration to be a continued area of security concern in 2017.
Attackers are adopting more diverse and advanced techniques. Malware, social engineering, and exploit kits, for example, are difficult to detect and address, especially when organizations fail to use good network segmentation or to employ monitoring solutions that assume infiltration is happening. One example of such a solution is endpoint modeling.
Endpoint modeling can alert you to the telling behavior that precedes potential attacks, giving you time to act in defense of your systems. Anomalous behavior is reported immediately, allowing you to discover malicious activity and act before an attack has taken place. Observable can help by arming you with endpoint modeling as a first line of defense, warning your IT team when changes occur and cause systems to behave out of character.
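The outbound-data check and the "out of character" alerting described above can be sketched as follows. This is an added example, not code from the original article and not a description of how Observable's product works. The host names, destinations, byte counts, trusted-destination list and three-sigma threshold are all constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample history: (source host, destination, bytes sent outbound)
BASELINE_FLOWS = [
    ("hr-laptop-01", "mail.example.com", 120_000),
    ("hr-laptop-01", "mail.example.com", 95_000),
    ("hr-laptop-01", "files.example.com", 400_000),
    ("hr-laptop-01", "files.example.com", 350_000),
    ("db-server-01", "backup.example.com", 5_000_000),
    ("db-server-01", "backup.example.com", 5_200_000),
]
# Assumed list of sanctioned outbound destinations
TRUSTED_DESTINATIONS = {"mail.example.com", "files.example.com",
                        "backup.example.com"}


def build_baseline(flows):
    """Per host: destinations seen so far and the sizes of past transfers."""
    baseline = defaultdict(lambda: {"dests": set(), "sizes": []})
    for host, dest, sent in flows:
        baseline[host]["dests"].add(dest)
        baseline[host]["sizes"].append(sent)
    return baseline


def review_flow(baseline, flow, sigma=3.0):
    """Return the reasons (possibly none) a new outbound flow needs review."""
    host, dest, sent = flow
    reasons = []
    if dest not in TRUSTED_DESTINATIONS:
        reasons.append("untrusted destination")
    profile = baseline.get(host)  # .get() does not create a missing entry
    if profile is None:
        reasons.append("host has no baseline")
        return reasons
    if dest not in profile["dests"]:
        reasons.append("destination new for this host")
    avg, dev = mean(profile["sizes"]), pstdev(profile["sizes"])
    # Floor the deviation at 10% of the mean so a very steady host
    # does not alert on tiny fluctuations.
    if sent > avg + sigma * max(dev, 0.1 * avg):
        reasons.append("outbound volume above baseline")
    return reasons


if __name__ == "__main__":
    model = build_baseline(BASELINE_FLOWS)
    for flow in [("hr-laptop-01", "mail.example.com", 110_000),
                 ("hr-laptop-01", "paste.invalid", 9_000_000)]:
        print(flow, review_flow(model, flow))
```

A flow can be flagged even when its destination is trusted: a database server that suddenly talks to the file share is out of character for that host, which is the signal the allowlist alone would miss.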
Getting better visibility into your network and improving your security couldn’t be easier. Sign up for a free, no-risk trial of Observable’s Endpoint Modeling solution, and change the way you see security.