Wired article, "Inside the Cyberattack That Shocked the US Government" had several phrases that rang true and seemed deserving of as much attention as daily flossing (perhaps not the most glamorous or pleasant of tasks yet with possibly dramatic improvements in one's social standing).
Main takeaways (for me):
Main takeaways (for me):
- "Basic hygiene":
- ...“basic hygiene”—that is, making simple upgrades that can drastically reduce an organization’s susceptibility to attack. These include measures such as keeping current with the latest software patches, reducing the number of network users with administrative privileges, and, above all, broadening the adoption of multifactor authentication.
- “Don’t waste a good crisis,” - i.e. use a disaster as the motivation, driving force to implement better security such as "basic hygiene" above.
- "Better cooperation" - "between public and private sector" in the article - and within the department and company: sharing information on suspected threats with all stakeholders has the potential to radically speed up both detection and mitigation.
- "...fundamental flaw in our approach to security: We’re overly focused on prevention at the expense of mitigation. One reason these attackers can do so much damage is that the average time between a malware infection and discovery of the attack is more than 200 days, a gap that has barely narrowed in recent years."
- "The first item groups like these usually swipe is the master list of credentials—the usernames and passwords of everyone authorized to access the network. The group’s foot soldiers will then spend weeks or months testing those credentials in search of one that offers maximum system privileges; the ideal is one that belongs to a domain administrator who can decrypt data at will. To minimize their odds of tripping any alarms, the attackers will try each credential only once; then they’ll wait hours to try the next. Since these hackers are likely salaried employees, investing that much time in an attack is just part of the job.
"There is a straightforward way to foil this approach: multifactor authentication."
No comments:
Post a Comment