"Western Allies Warn of Top Cyberattack Mistakes"

The security agencies of five countries have outlined 10 of the most common ways threat actors compromise their victims, most of which can be mitigated by basic cyber-hygiene best practices. Cybersecurity authorities of the US, Canada, New Zealand, the Netherlands, and the UK released the alert, which focuses on weak security controls, poor configurations, and sub-par security practices. Many of these relate to logins, including a lack of multi-factor authentication (MFA), use of default logins and usernames, an absence of strong password policies, and errors within access control lists. Unpatched software is also listed, as is a lack of sufficient security controls applied to remote access services like VPNs. The alert claimed that in many cases, MFA, firewalls, and intrusion detection/prevention systems (IDS/IPS) are not applied to these systems. It also stated that misconfigured cloud services, open ports, and misconfigured high-risk services such as SMB, RDP, Telnet, and NetBIOS pose a significant threat to organizations, and highlighted that failures to detect and block phishing attempts and poor endpoint detection and response opened the door to cyberattackers. The security agencies advised organizations to take the following mitigation steps:

  • Control access by adopting a zero trust model and other measures.
  • Implement credential hardening, including MFA.
  • Establish centralized log management to improve threat detection.
  • Deploy anti-malware on workstations and regularly monitor scan results.
  • Deploy detection tools on the endpoint, network, and in the cloud, alongside vulnerability scanning.
  • Maintain rigorous configuration management programs.
  • Implement a software and patch management program.

Infosecurity reports: "Western Allies Warn of Top Cyberattack Mistakes"

Submitted by Anonymous on