CISA warns of risky behaviours that leave networks exposed to cyberattacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), which leads the national effort to protect and enhance the resilience of the nation’s physical and cyber infrastructure, warns that “”exceptionally risky” [cyber] behaviors that can put critical infrastructure at extra risk of falling victim to cyberattacks”.
The three cyber security mistakes and behaviors to avoid are:
- Using unsupported software,
- Allowing the use of default usernames and passwords, and
- Using single-factor authentication for remote or administrative access to systems
According to CISA, these are all dangerous behaviors when it comes to cybersecurity and should be avoided by all organizations.
Using multi-factor authentication can help disrupt over 99% of cyberattacks. Microsoft
Use of single-factor authentication – where users only need to enter a username and password – was recently added to the list of risky behaviors. CISA warned that single-factor authentication for remote or administrative access to systems supporting the operation of critical infrastructure “is dangerous and significantly elevates risk to national security”.
Microsoft says that users who enable multi-factor authentication (MFA) for their accounts will end up blocking 99.9% of automated attacks.
Change default passwords as soon as possible, and use a sufficiently strong and unique password. CISA
CISA describes that using fixed or default passwords as “dangerous” and should be avoided at all cost. Default or simple passwords are good for cyber criminals because there’s a much higher chance of them being able to simply guess passwords to compromise accounts.
CISA also warns against the use of passwords that are known to have been breached previously, as that means they also provide cyber criminals with a simple means of gaining access to networks.
One in three breaches are caused by unpatched vulnerabilities. ZDNet
Finally, CISA warns that the use of unsupported or end-of-life software in critical infrastructure. By using software or operating systems that no longer receive security patches or updates, there’s the risk that cyber criminals could exploit newly discovered security vulnerabilities that emerge because old software often doesn’t receive security patches.
The 2017 WannaCry ransomware attack stands a shining example of what can go wrong when patches aren’t applied. While a patch for the vulnerability exploited by the ransomware had existed for several months, many organizations failed to install the it.
We're can't wait to launch the 18th annual #CybersecurityAwarenessMonth with @CISAgov in just over a week! Sign up to become a 2021 Champion and receive this year's updated toolkit and new resources: https://t.co/vVHKBJcC1u #BeCyberSmart
— National Cybersecurity Alliance (@StaySafeOnline) September 23, 2021
Takeaway
Reducing your organization’s cyber risks requires a holistic approach. CISA
Avoiding the use of single-factor authentication, default passwords and unsupported software will also help protect you and others from falling victim to cyberattacks.
To reduce risks, here are three cyber security actions that organizations should do first:
- Backup Data – Employ a backup solution that automatically and continuously backs up critical data and system configurations.
- Multi-factor Authentication – Require multi-factor authentication (MFA) for accessing your systems whenever possible. MFA should be required of all users, but start with privileged, administrative and remote access users.
- Security Patch and Update Management – Enable automatic updates whenever possible. Replace unsupported operating systems, applications and hardware. Test and deploy patches quickly.
References:
- https://www.zdnet.com/article/dont-want-to-get-hacked-then-avoid-these-three-exceptionally-dangerous-cybersecurity-mistakes/
- https://www.zdnet.com/article/microsoft-using-multi-factor-authentication-blocks-99-9-of-account-hacks/
- https://us-cert.cisa.gov/ncas/alerts/TA13-175A
- https://www.cisa.gov/sites/default/files/publications/Cyber%20Essentials%20Starter%20Kit_03.12.2021_508_0.pdf