decrypting myths

The configuration mistakes that provide field days for hackers
There’s no escaping the fact that many modern cyberthreats are incredibly sophisticated and difficult to prevent. But there are steps that CISOs can take to stop hackers leveraging some of the preventable mistakes that can leave organisations at risk. Tim Bandos, Vice President of Cybersecurity at Digital Guardian, details the top five configuration gaffes that organisations must avoid to reduce threat exposure.
Sometimes it’s the little things. In hindsight, more often than not, getting hacked can stem from a minor misstep or completely preventable mistake. Common security mistakes and overlooked misconfigurations can open the door for malware or attackers, potentially leaving your environment and any exposed data ripe for the picking. Avoid these top five configuration gaffes to reduce the threat exposure to your organisation.
Default credentials
It almost seems too obvious to include here, but leaving default usernames and passwords unchanged on databases, installations and devices is, by far, one of the most common and easiest items for a hacker to exploit.
Leaving default credentials on network devices such as firewalls, routers or even operating systems allows adversaries to simply use password checking scanners to walk right in. In more skilled setups, hackers can simply stage a series of scripted attacks geared at brute forcing devices by focusing on either default usernames and passwords, or basic passwords like ‘qwerty’ or ‘12345’.

www.intelligentciso.com | Issue 21
A few months ago, researchers uncovered a Python-based web scanner, Xwo, that can easily scan the web for exposed web services and default passwords. After collecting default MySQL, MongoDB, PostgreSQL and Tomcat credentials, the scanner forwards the results back to a command and control server. Leaving default credentials on any device is akin to leaving your keys in a locked door. Even a 12-year-old with some Internet access at home could majorly breach a corporation just by using one of these freely available tools on the Internet to check for default credentials.
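As an added, defender-side example (not from the article or Digital Guardian), the following Python script audits a Tomcat tomcat-users.xml for the kind of default or trivially weak credentials that scanners like the one above look for. The default pairs, the weak-password list and the sample configuration are constructed for illustration and are not exhaustive.

```python
"""Audit a Tomcat tomcat-users.xml for default or trivially weak credentials.

Added example: a configuration check a defender runs before a scanner does.
"""
import xml.etree.ElementTree as ET

# Illustrative vendor-default pairs and weak passwords (assumed, not a complete list).
DEFAULT_PAIRS = {("tomcat", "tomcat"), ("admin", "admin"), ("root", "root")}
WEAK_PASSWORDS = {"qwerty", "12345", "123456", "password", "<must-be-changed>"}
PRIVILEGED_ROLES = {"manager-gui", "manager-script", "admin-gui"}

# Constructed sample config; the file may carry a namespace, so tags are matched by suffix.
SAMPLE_CONFIG = """<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users xmlns="http://tomcat.apache.org/xml" version="1.0">
  <role rolename="manager-gui"/>
  <user username="tomcat" password="tomcat" roles="manager-gui"/>
  <user username="deploy" password="qwerty" roles="manager-script"/>
  <user username="ops" password="" roles="manager-gui"/>
  <user username="alice" password="Tq9!vR2#zLp8wX" roles="manager-gui"/>
</tomcat-users>
"""


def audit_tomcat_users(xml_text):
    """Return a list of (username, reason) findings for weak or default accounts."""
    findings = []
    root = ET.fromstring(xml_text)
    for elem in root.iter():
        if not elem.tag.endswith("user"):  # skip <role>, the root and any namespace prefix
            continue
        user = elem.get("username", "")
        pw = elem.get("password", "")
        roles = {r.strip() for r in elem.get("roles", "").split(",") if r.strip()}
        reason = None
        if pw == "":
            reason = "empty password"
        elif (user.lower(), pw.lower()) in DEFAULT_PAIRS:
            reason = "vendor default credential pair"
        elif pw.lower() == user.lower():
            reason = "password equals username"
        elif pw.lower() in WEAK_PASSWORDS:
            reason = "well-known weak password"
        if reason:
            if roles & PRIVILEGED_ROLES:  # weak credentials on manager roles are the worst case
                reason += " on privileged role"
            findings.append((user, reason))
    return findings


if __name__ == "__main__":
    for user, reason in audit_tomcat_users(SAMPLE_CONFIG):
        print(f"[!] {user}: {reason}")
```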
Password reuse
Having strong and complex passwords isn’t the only action that needs to be