Reduce security risk with 3 edge-securing steps

July 1, 2024

The biggest hot-button issue in cybersecurity right now is the network edge. Exploitation of vulnerabilities on the perimeter has led to some of the highest profile cyberattacks of the year, including the breach of Microsoft through the exploitation of OAuth credentials, and this has led other cyber threat actors to pursue the same attack vectors even against smaller targets. By following a few specific guidelines, it is possible to reduce the vulnerability of an enterprise to these kinds of threats.

First, consider getting rid of SSL or web-based VPNs. Remote node management complicates several existing security problems, particularly the patching problem. Separate cloud solutions are required to manage remote node patching, and even in the best case scenario, it is still vulnerable to attack. A recent report from the Norwegian National Cyber Security Center (NCSC) has recommended fully abandoning SSL or web-based VPNs in favor of internet protocol security (IPsec) based VPNs with internet key exchange (IKEv2). If practical, consider making this substitution.

Second is password management. All too often, passwords are stored in places they’re not supposed to be, in a format they’re not supposed to be in. Hardcoded passwords or passwords stored in an inappropriate storage platform can be accessed by threat actors, giving them the tools to compromise entire networks. To avoid some of the major roadblocks, it is strongly advised that users should make use of automatically generated passwords stored in password managers.

Lastly, review who has access to your cloud assets. Often the key vector into a network is through a legacy client that still has cloud access. This was the case in the Microsoft breach. These incidents occur because enterprises do not pay close attention to who has access to cloud assets and allow legacy clients to maintain access without proper security. In order to prevent this, it is strongly encouraged that enterprises maintain a strict inventory of cloud access permissions and only give them out as necessary, removing them when they are no longer necessary.

More from Blackwired

December 16, 2024

CISOs need to consider the personal risks associated with their role

CISOs face personal liability for cybersecurity incidents, boosting accountability but increasing stress and deterring professionals.

Read more
December 9, 2024

The Shocking Speed of AWS Key Exploitation

AWS keys exposed online are exploited in minutes, highlighting the need for faster detection and response to prevent breaches.

Read more
December 2, 2024

Advanced Cyberthreats Targeting Holiday Shoppers

The holiday season sees increased e-commerce scams, with AI-driven phishing, fake sites, and data theft targeting consumers and businesses.

Read more