NSA: Here are the dumbest cybersecurity mistakes we see at large organizations

Author: Michael Kan | Source: PC magazine.

The NSA and US cyber authorities release a report on the top 10 cybersecurity misconfigurations the agencies have seen at large organizations.

It turns out forgetting to change the default logins on an IT system is one of the top cybersecurity mistakes that US companies and organizations are consistently making. On Thursday [October 5th], the NSA and the US Cybersecurity and Infrastructure Security Agency (CISA) released an advisory on the top 10 cybersecurity misconfigurations they’ve been noticing at large organizations in the country.

  • At the top of the list is neglecting to change the default configuration on new software or hardware added to the organization’s IT network. The problem is that details about the default configurations, including the login credentials, are often posted on the internet, making them easy for hackers to find through a simple web search. An attacker can then exploit the default credentials to easily move through a victim’s network or hijack devices, such as printers, scanners, and security cameras.
  • Second on the list is failing to limit system privileges for common users, also known as “Improper separation of user/administrator privilege.” This could involve granting a low-level employee at a company access to an entire IT network. If a hacker manages to take over the employee’s account, then the whole network could be easily compromised.

The NSA and CISA based the rankings on assessments from the “red and blue” teams, the offensive and defensive security testing teams at the agencies. These teams have worked to protect the IT networks at the Department of Defense, the federal, state and local governments, along with the private sector. To prevent the common mistakes from being exploited, the NSA and CISA released the advisory in the hopes it’ll force the public, along with software makers, to take action.

“The misconfigurations described in the advisory are too commonly found in assessments, hunts and incident response conducted by our teams and the TTPs (tactics, techniques, and procedures) are standard methods used by multiple cyber actors that have led to numerous compromises,” CISA warns.
