Article by one of our Subject Matter Experts
One of the great things about working on cybersecurity is that you get a lot of cool ideas to keep your organization safe. You also see the worst mistakes that leave you and your customers at risk.
Read on to learn about the five most common cybersecurity mistakes and how to fix them.
Mistake #1) Believing breaches are only big events
We know from the last few years of Verizon's data breach reports that the time between when an organization is compromised and when it realizes it is growing. Cyber attacks are sometimes hard to spot and, even when you do spot one, it is hard to say what is at stake. Typical defense teams are set up to detect and alert on major incidents, which can leave minor incidents unnoticed. The problem is that such an attack can continue for a long time without detection and can do great damage by extracting a little data at a time.
Early symptoms of an attack are often dismissed as just a system crash and sent to the IT team to add to their to-do list. Doing so, however, cuts into the time you have to investigate and launch countermeasures to keep your information safe.
Mistake #2) Not knowing what has been compromised
The first point covered how to detect a breach quickly. Once you have identified a breach, however, you need to start working out what was affected.
Organizations are complex and their networks are even more so. With billions of access relationships, hundreds of machines, and a list of risks that grows every day, the task can seem impossible. Risk is not the only factor; the list of federal and industry regulations is growing too. With breaches making the news, customers and employees have a new standard of security expectations. It is important to keep a record of all access relationships and the resources each one can reach. You should also be able to build an attack model that shows your organization the paths an attacker can take once inside your system.
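As an added illustration (not part of the original article), the recorded access relationships can be treated as a directed graph and searched from the compromised asset to list everything an attacker could reach. The asset names, the `ACCESS` inventory and the `SENSITIVE` set are constructed sample data.

```python
from collections import deque

# Constructed sample inventory: an edge "a -> b" means an identity or
# credential on asset a can access asset b.
ACCESS = {
    "laptop-jdoe": ["file-server", "wiki"],
    "wiki": ["wiki-db"],
    "file-server": ["backup-server"],
    "backup-server": ["customer-db"],
    "build-agent": ["artifact-store"],
    "hr-portal": ["hr-db"],
}

# Assets whose exposure would trigger regulatory or contractual reporting (assumed).
SENSITIVE = {"customer-db", "hr-db"}


def blast_radius(access, start):
    """Return {asset: shortest access path from start} for every reachable asset."""
    paths = {start: [start]}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        for nxt in access.get(node, []):
            if nxt not in paths:  # first visit in a BFS is the shortest path
                paths[nxt] = paths[node] + [nxt]
                queue.append(nxt)
    return paths


def exposed_sensitive(access, start, sensitive):
    """Sensitive assets reachable from the compromised asset, with the path to each."""
    reach = blast_radius(access, start)
    return {asset: reach[asset] for asset in sorted(sensitive) if asset in reach}


if __name__ == "__main__":
    for asset, path in exposed_sensitive(ACCESS, "laptop-jdoe", SENSITIVE).items():
        print(f"{asset}: {' -> '.join(path)}")
```

Each returned path also shows which intermediate relationship to cut first when containing the incident.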
Mistake #3) No Penetration Testing
One of the best ways to deal with potential threats is to run penetration tests. This is the process of checking the security of your software before an attacker gets the chance.
To do this, testers use tools that simulate attacks to identify and probe holes in security: the kind of holes that can lead to the loss of cardholder information, intellectual property, personal records, or health information, or to ransomware and other malicious attacks.
This is an important part of broader cybersecurity. Through penetration testing, your company or development team can detect security risks and compliance gaps, and simulate the real-world consequences of a large-scale data breach.
It can also be used to prepare information security teams to handle cyber attacks and to practice their response time. Similarly, security budgets can be planned, and key data areas can be protected with stricter security measures.
Without this simple but effective process, your software will be exposed to major threats down the line, because you are effectively leaving it open to compromise. Unless you are a smart engineer, chances are it will be compromised.
Mistake #4) Hardcoded Passwords, Active Backdoor Accounts & Poor Security
The biggest (and most common) testing mistake is to use backdoor accounts during testing, forget they exist, and forget to remove them. Of course, it is unlikely that anyone will find them. But if someone does, you could end up in a world of cyber attacks.
An example of this is Cisco finding that it had left backdoor accounts open, giving attackers root access to vulnerable devices.
Similarly, Project Basecamp found that multiple administrator accounts and logins were hardcoded in ICS firmware. However, when they informed the vendors, the response was a bit of a “whoops” and a quick explanation that these things were important.
In fact, these were large security holes that anyone could use.
Attacks can also originate internally, with poorly managed passwords at Capital One leading to serious data breaches. Although that case is very different, stronger cybersecurity, better password discipline, and a better understanding of their software may have helped.
With any software, check that when you are done, every backdoor account is retired and all login credentials are deleted. This is very easy to do but is often overlooked, leaving attackers an additional way in later.
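One way to make that post-test check repeatable, shown as an added example that is not from the original article: compare the accounts present on a system against an approved baseline and flag leftovers. The account list is a constructed sample in `/etc/passwd` format, and `APPROVED` and `NOLOGIN` are assumed values you would replace with your own.

```python
# Constructed sample in /etc/passwd format: name:pw:uid:gid:gecos:home:shell
PASSWD_SAMPLE = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
qa_test:x:1001:1001:QA temp:/home/qa_test:/bin/bash
support:x:0:0:vendor support:/root:/bin/sh
"""

APPROVED = {"root", "daemon", "www-data", "alice"}  # assumed approved baseline
NOLOGIN = {"/usr/sbin/nologin", "/sbin/nologin", "/bin/false"}


def parse_passwd(text):
    """Parse passwd-format text into dicts, skipping blank or malformed lines."""
    accounts = []
    for line in text.splitlines():
        fields = line.split(":")
        if line.startswith("#") or len(fields) != 7:
            continue
        accounts.append({"name": fields[0], "uid": int(fields[2]), "shell": fields[6]})
    return accounts


def audit(accounts, approved):
    """Return (account, reasons) for every account that should not survive testing."""
    findings = []
    for acct in accounts:
        reasons = []
        if acct["name"] not in approved:
            reasons.append("not in approved baseline")
        if acct["uid"] == 0 and acct["name"] != "root":
            reasons.append("UID 0 (root-equivalent)")
        if reasons and acct["shell"] not in NOLOGIN:
            reasons.append("interactive shell")
        if reasons:
            findings.append((acct["name"], reasons))
    return findings


if __name__ == "__main__":
    for name, reasons in audit(parse_passwd(PASSWD_SAMPLE), APPROVED):
        print(f"{name}: {', '.join(reasons)}")
```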
Mistake #5) Depending on the IT team
Earlier I mentioned how a cyber attack that first looks like an error can end up in an IT ticket queue, waiting to see when, and if, the team gets to it. By doing this you not only push the problem onto a hard-working group, you also aggravate it by not holding yourself, and others, accountable for identifying and reporting problems.
Incident management requires teamwork not only between the IT and operations teams, but throughout the organization, to identify and flag any anomalies in your network. A response team should be formed across all departments to strengthen teamwork and reinforce the importance of cybersecurity.
Mistake #6) Not having a backup plan
When Amazon started offering its core membership I thought it was crazy. Who can pay extra for a year just to get something sent to you in two days? What more could you need that you could not wait for more than two days? Admittedly, I am no longer the only major member but I have used the “Get It Now” option where I can even wait two hours.
In a “give it to me now” world, it is difficult to explain that if a cyber attack occurs, it will not be repaired, with everything back to full efficiency and effectiveness, in two hours.
In the event of an attack you need to work through steps to cut off unauthorized access, block malicious software, close holes or replace servers, change passwords, review your security programs, and more. These steps cannot be completed within a few hours, so it is important to have a backup plan in place for alternative operating arrangements in the event of a breach.
Mistake #7) Understanding your liabilities
Many organizations spend their time worrying about downtime or reputational damage when they suffer a breach. What they often overlook, however, is the damage that can be done with the stolen information.
The direct effects include information being held for ransom, as ransomware scams evolve every year and spread as widely as possible. Other impacts include regulatory penalties, both general and industry-specific.
Additional liabilities may include breach of legal obligations, breach of contract, breach of employment obligations, and negligence. Make sure you consider (and perhaps share with your leadership) these liabilities when planning your security budget.
No one wants their software to be at the heart of a massive cyber attack. No one wants to be the next Adobe or Cisco. But as cybercrime escalates and more sophisticated attack methods are developed, it is no longer an unusual fate for a software release.
The four biggest mistakes made by engineers stem from a clear lack of understanding of how their code could be compromised.
By recognizing that their code will have vulnerabilities of its own as well as those inherited from third-party software, developers can rigorously evaluate their software and prevent these mistakes from affecting it.
Similarly, good post-test cleanup is important, as it helps ensure that backdoor accounts and hardcoded passwords are removed.
Proper data security is also important, as leaving data unprotected can lead to serious data breaches that will harm your customers and the reputation of your software.