As we like to say in military briefings and publications, “BLUF” – or, “Bottom Line Up Front”.
So, BLUF: not implementing best security practices could be incredibly detrimental to your organization in a variety of ways. And threat actors continue to exploit older vulnerabilities because patches are not deployed promptly.
This month, the GTIC Monthly Threat Report focuses on several topics which rely on good network security hygiene, along with good common sense, to keep all endpoints on a network secure.
First, NTT Security analysts take a look into the broader topic of election hacking. This isn’t happening just in the United States but is affecting democratic processes around the world. Granted, most security issues fall on vendors and states to ensure the confidentiality and integrity of an individual’s vote, but individuals need to be aware of the threats – not just efforts to hack voting machines and party websites, for instance, but efforts to influence elections via social media campaigns.
In the October 2018 GTIC Monthly Threat Report, NTT Security also takes another look at the cryptomining threat, this time delivered via a leaked NSA tool called EternalBlue.
Unsurprisingly, cryptojackers often infiltrate a system through social engineering or through vulnerabilities in a network’s perimeter. Meaning, if you’ve got cryptomining malware on your system, this is likely not your biggest concern; if a system has been compromised with cryptomining malware, it likely has other vulnerabilities as well.
The individual user – or network system administrator – needs to be aware of the threat and implement best practices, not only to protect themselves from coinmining, but from all malware and attacks.
NTT Security researchers also take another look at vulnerabilities in home-use routers, like those observed in home routers since at least 2014. All of these issues, while locally mitigated, have global effects: the US elections are not the only elections targeted, cryptomining affects end-users worldwide, and Netcore routers are also used on a global scale.
Old vulnerabilities will continue to be targeted as long as users do not patch them. History shows us that it takes an enterprise almost a month, on average, to patch known vulnerabilities – threat actors will continue to take advantage of this as long as users or administrators DON’T. PATCH.
While attackers continue to get better at what they do, they’ll likely continue to take the path of least resistance. This includes targeting the weakest points in our networks – and, since some enterprise networks are over a month behind in patching, at best, this makes for “easy pickins” for threat actors and cyber criminals.
All in all, know that the things you expect to be secure will not necessarily be so. These security issues, as with so many others which organizations face, come down to implementing best security practices. Ensure your organization takes precautions where it can; organizations need to be accountable for their own security, as well as that of their customers.