Securing the Infrastructure and Network

Here we assess the infrastructure and network environment, including external, internet-facing components as well as internal segments, for issues affecting confidentiality, integrity, and availability.

Common Types of Infrastructure and Network Vulnerabilities

Insufficient Access Control

Critical nodes in your infrastructure must have proper access controls enabled. Users, administrators, and data handlers must have accounts created with their corresponding access levels. We often discover nodes (cameras, printers, IoT devices) with insufficient access control, or with no distinction between privilege levels at all. In line with the security policies set by the organization, access privileges should be differentiated according to the principle of least privilege: each account receives only the rights needed to perform its required tasks.

Cryptographic Weaknesses

Often, communication with equipment such as security cameras, switches, and printers, whether from outside or inside the network, is carried over unencrypted protocols (for example, HTTP rather than HTTPS). This leaves the traffic between these nodes, including the credentials used to log in to them, susceptible to interception and modification in transit.

Information Leakage

Information that could be used to mount an attack on the infrastructure should not be disclosed. One example is the version of an infrastructure component, as reported in a service banner or HTTP response header, which can then be used to look up publicly known vulnerabilities associated with that version.
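To make the version-disclosure point concrete, the following is an added example (not SafeKeep's code, and not taken from any assessment) that scans a few constructed service banners and HTTP Server headers for product/version pairs. The banner strings, the service names and the regular expression are this example's own assumptions; a real audit would feed it banners captured from the network.

```python
import re

# Constructed sample banners (not collected from any real network) showing
# what a version-disclosing service looks like next to a quieter one.
SAMPLE_BANNERS = {
    "ssh":        "SSH-2.0-OpenSSH_7.4",
    "http":       "Server: Apache/2.4.29 (Ubuntu) OpenSSL/1.1.1",
    "http-quiet": "Server: Apache",  # what Apache reports with ServerTokens Prod
    "iis":        "Server: Microsoft-IIS/10.0",
    "ftp":        "220 ProFTPD 1.3.5 Server (Debian) [::ffff:10.0.0.5]",
}

# A product token followed by '/', '_' or a space and a dotted version number.
# The lookbehind stops matches starting in the middle of a word; the lazy
# product group lets hyphenated names such as Microsoft-IIS through.
VERSION_RE = re.compile(r"(?<!\w)([A-Za-z][\w-]*?)[/_ ]v?(\d+(?:\.\d+)+)")


def extract_versions(banner):
    """Return [(product, version), ...] found in one banner or header line.
    Only dotted versions (e.g. 2.4.29) are matched; a bare major number is ignored,
    and a patch suffix such as the p1 in OpenSSH_7.4p1 is dropped."""
    return [(m.group(1), m.group(2)) for m in VERSION_RE.finditer(banner)]


def audit_banners(banners):
    """Map each service name to the versions it discloses (empty list = nothing leaked)."""
    return {name: extract_versions(text) for name, text in banners.items()}


if __name__ == "__main__":
    for name, found in audit_banners(SAMPLE_BANNERS).items():
        status = ("DISCLOSES " + ", ".join(f"{p} {v}" for p, v in found)) if found else "ok"
        print(f"{name:<11} {status}")
```

The "http-quiet" entry shows the target state: Apache with ServerTokens Prod and nginx with server_tokens off report only the product name, and many appliances allow the banner to be trimmed in the same way. Removing the version does not remove the vulnerability, so this check complements, rather than replaces, patching.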

Weak or Default Identification and Authentication Configuration

Default credentials on network equipment are often never changed, which can lead to unauthorized access. For example, a switch is deployed with the factory account name "admin" and password "admin", and these are never changed. Lists of default credentials are as freely available to attackers as to legitimate users, and attackers use them to gain unauthorized access to your equipment.

Insufficient logging, monitoring and backup

Sufficient logging must be enabled, including logging of unsuccessful authentication attempts against critical infrastructure. The logs should also be monitored, so that patterns such as repeated failed logins from one source are noticed and acted on, and critical data should be backed up periodically, in either an incremental or a differential manner. Backups should be tested periodically to make sure they are indeed recoverable.
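As an added example of the monitoring side (this is illustrative code written for this page, not SafeKeep's tooling), the following runs a simple brute-force detector over a few constructed sshd log lines: it flags a source that fails to authenticate a configurable number of times within a time window, and separately flags a successful login from a source that still has recent failures, which is the pattern a guessed password leaves behind. The host name, addresses, usernames and timestamps in the sample are constructed, and the thresholds are assumptions to tune per environment.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines in syslog/sshd format (not from a real system).
# One source bursts five failures and then logs in; another fails twice, far apart.
SAMPLE_LOG = """\
Mar 10 09:12:01 core-sw sshd[2210]: Failed password for admin from 10.0.5.23 port 51022 ssh2
Mar 10 09:12:03 core-sw sshd[2210]: Failed password for admin from 10.0.5.23 port 51024 ssh2
Mar 10 09:12:04 core-sw sshd[2211]: Failed password for invalid user root from 10.0.5.23 port 51026 ssh2
Mar 10 09:12:06 core-sw sshd[2212]: Failed password for admin from 10.0.5.23 port 51030 ssh2
Mar 10 09:12:07 core-sw sshd[2213]: Failed password for admin from 10.0.5.23 port 51031 ssh2
Mar 10 09:12:09 core-sw sshd[2214]: Accepted password for admin from 10.0.5.23 port 51033 ssh2
Mar 10 09:30:15 core-sw sshd[2300]: Failed password for ops from 10.0.7.8 port 40011 ssh2
Mar 10 09:45:15 core-sw sshd[2301]: Failed password for ops from 10.0.7.8 port 40012 ssh2
Mar 10 09:46:00 core-sw cron[2310]: (root) CMD (run-parts /etc/cron.hourly)
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\d+\.\d+\.\d+\.\d+)"
)


def parse_line(line, year=2022):
    """Parse one sshd password-auth line; return None for any other line.
    Syslog timestamps carry no year, so the caller supplies one (assumption: one year)."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "result": m["result"], "user": m["user"], "src": m["src"]}


def detect_bruteforce(lines, threshold=5, window_s=60):
    """Alert when a source fails `threshold` times within `window_s` seconds, and when a
    login is accepted from a source that still has failures inside the window."""
    events = sorted(filter(None, (parse_line(l) for l in lines)), key=lambda e: e["ts"])
    recent = defaultdict(deque)  # src -> timestamps of failures still inside the window
    alerts = []
    for e in events:
        q = recent[e["src"]]
        while q and (e["ts"] - q[0]).total_seconds() > window_s:
            q.popleft()  # expire failures that fell out of the window
        if e["result"] == "Failed":
            q.append(e["ts"])
            if len(q) == threshold:  # alert once, when the threshold is first crossed
                alerts.append((e["src"], "burst",
                               f"{threshold} failed logins within {window_s}s"))
        elif q:
            alerts.append((e["src"], "success-after-failures",
                           f"login accepted for {e['user']} after {len(q)} recent failures"))
    return alerts


if __name__ == "__main__":
    for src, kind, detail in detect_bruteforce(SAMPLE_LOG.splitlines()):
        print(f"ALERT {kind:<24} {src:<12} {detail}")
```

On the sample, 10.0.5.23 produces both alerts and 10.0.7.8 produces none, because its two failures are fifteen minutes apart; lowering the threshold or widening the window changes that, which is exactly the tuning decision a monitoring team has to make. The same logic applies to any device that logs failed logins, as long as a parser for its format replaces parse_line.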

Utilization of End-of-Life Software

Software that has reached end of life should no longer be used in the infrastructure, since no new patches or support will be made available. An example is running Python 2 in an environment after it reached end of life (1 January 2020), when Python 3 should be used instead.

Use of Known Vulnerable Components

Components should be chosen and maintained so that the publicly known vulnerabilities exposed in the environment are as few as possible. Often, vulnerable components can be patched or updated to remove known vulnerabilities and hence reduce risk.

Service Misconfiguration or Security Non-Optimization

Some services require additional configuration to enhance security. For example, SSH is a key service in most infrastructures, allowing remote connectivity to and configuration of the corresponding systems, and it must be configured properly for security. This includes limiting the number of unsuccessful login attempts allowed per connection, which makes it harder for attackers to use dictionary attacks to guess the password with unlimited tries. Password length and complexity requirements should also be raised to add to the benefit of limited tries, and where possible password authentication should be replaced by key-based authentication, which removes the password-guessing problem altogether.
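The following is an added example (not SafeKeep's code, and the two configuration excerpts are constructed, not taken from a real host) that audits an sshd_config against a small hardening policy, placing a typical weak configuration beside a hardened one. It also accounts for two details that often trip up a manual review: sshd applies the first value it reads for a directive, so a hardening line appended after a weak one does nothing, and a directive that is absent takes sshd's own default. The defaults table reflects the documented sshd_config(5) values for current OpenSSH releases and should be verified against the deployed version; the thresholds (three tries, sixty seconds) are this example's policy choices.

```python
import re

# Constructed sshd_config excerpts (hypothetical; not copied from a real host).
WEAK_CONFIG = """\
# Typical appliance state: root over SSH, passwords, generous retry budget
PermitRootLogin yes
PasswordAuthentication yes
MaxAuthTries 10
LoginGraceTime 2m
PermitEmptyPasswords yes
X11Forwarding yes
"""

HARDENED_CONFIG = """\
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
MaxAuthTries 3
LoginGraceTime 30
PermitEmptyPasswords no
X11Forwarding no
"""

# Values sshd applies when a directive is absent, as documented in sshd_config(5)
# for current OpenSSH releases (assumption: verify against the version deployed).
DEFAULTS = {
    "permitrootlogin": "prohibit-password",
    "passwordauthentication": "yes",
    "permitemptypasswords": "no",
    "x11forwarding": "no",
    "maxauthtries": "6",
    "logingracetime": "120",
}


def parse_sshd_config(text):
    """Return {keyword_lowercased: first value}. sshd keeps the FIRST value it reads
    for a keyword, so later duplicates are ignored here too. Match blocks are
    conditional and Include files live elsewhere; both are skipped in this example."""
    cfg = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)  # "Key value" or "Key=value"
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "match":
            break  # everything after the first Match applies only to matching sessions
        if key == "include":
            continue
        cfg.setdefault(key, value)
    return cfg


def parse_time(value):
    """sshd time format: plain seconds or a number with an s/m/h/d/w suffix.
    Compound forms such as 1h30m are not handled here. Returns None if unparseable."""
    m = re.fullmatch(r"(\d+)([smhdw]?)", value.strip().lower())
    if not m:
        return None
    unit = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}
    return int(m.group(1)) * unit[m.group(2)]


def audit_sshd_config(text, max_auth_tries=3, max_grace_s=60):
    """Compare each effective setting (explicit or default) with the hardening policy.
    Returns one finding per directive that misses the policy."""
    cfg = parse_sshd_config(text)
    findings = []

    def check(key, ok, expected):
        observed = cfg.get(key, DEFAULTS[key])
        if not ok(observed.lower()):
            findings.append({"directive": key, "observed": observed,
                             "expected": expected, "explicit": key in cfg})

    check("permitrootlogin", lambda v: v == "no", "no")
    check("passwordauthentication", lambda v: v == "no", "no (use public keys)")
    check("permitemptypasswords", lambda v: v == "no", "no")
    check("x11forwarding", lambda v: v == "no", "no")
    check("maxauthtries", lambda v: v.isdigit() and int(v) <= max_auth_tries,
          f"<= {max_auth_tries}")
    # LoginGraceTime 0 disables the limit entirely, so 0 must be flagged as well.
    check("logingracetime",
          lambda v: (parse_time(v) or 0) > 0 and parse_time(v) <= max_grace_s,
          f"1..{max_grace_s} seconds")
    return findings


if __name__ == "__main__":
    for label, text in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        for f in audit_sshd_config(text):
            where = "set" if f["explicit"] else "default"
            print(f"[{label}] {f['directive']}: {f['observed']} ({where}), expected {f['expected']}")
```

Two caveats belong with this check. MaxAuthTries limits attempts within one connection only; an attacker simply opens another, so it should be paired with connection rate limiting at the host or firewall. Password length and complexity are not sshd settings at all: on a Linux host they are enforced through PAM (for example pam_pwquality), and on appliances through the device's own local password policy, so those need to be reviewed separately.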

Weak or Non-optimized Wireless Security

When possible, WPA3 should be used, and the original WPA should be avoided. The standard is moving away from WPA2 towards WPA3, but WPA2 (with AES-CCMP rather than TKIP) is still the most advanced protocol offered by many current devices.

© 2022 SafeKeep.