The National Security Agency, Cybersecurity and Infrastructure Security Agency, the FBI and international partners have released a joint advisory on weak security controls and poor cyber hygiene practices and security configurations that threat actors use to secure initial access to a victim’s computer system.
Some of the techniques that malicious cyber actors use to gain access to a victim’s network are phishing, external remote services, trusted relationship and exploitation of public-facing applications, NSA said Tuesday.
The advisory outlined several common weaknesses that hackers exploit, including incorrectly applied privileges and errors within access control lists; unpatched software; failure to enforce multifactor authentication; unprotected cloud services; and use of vendor-supplied default configurations.
“As long as these security holes exist, malicious cyber actors will continue to exploit them,” said Rob Joyce, cybersecurity director at NSA as well as a 2022 Wash100 Award winner.
“We encourage everyone to mitigate these weaknesses by implementing the recommended best practices,” added Joyce.
U.S. federal agencies and cybersecurity partners from Canada, New Zealand, the Netherlands and the U.K. recommended several actions organizations should take to mitigate risks and build up network defenses against weak security practices and controls.
Best practices to safeguard systems include controlling access, establishing centralized log management, employing detection tools and keeping software updated.
