Securing the Infrastructure and Network
Here we assess the infrastructure and network environment, including external, internet-facing components as well as internal segments, for issues pertaining to confidentiality, integrity, and availability.
Common Types of Infrastructure and Network Vulnerabilities
Insufficient Access Control
Critical nodes in your infrastructure must have proper access controls enabled. Users, administrators, and data handlers must have accounts created with their corresponding access levels. We often discover nodes (cameras, printers, IoT devices) with insufficient or even non-existent levels of access control. In line with the security policies set by the organization, access privileges should be differentiated according to the principle of least privilege and the need to perform required tasks.
Communication with different equipment (security cameras, switches, printers), whether external or internal, is often carried out over unencrypted protocols (such as HTTP rather than HTTPS). This leaves the traffic between these nodes susceptible to interception in transit.
Information that can be used to mount an attack on the infrastructure should not be disclosed. One example is the version of an infrastructure component, which can then be used to look up known, publicly available vulnerabilities associated with that version.
Weak or Default Identification and Authentication Configuration
Default credentials for access to network equipment are often never removed, which can lead to unauthorized access. For example, a switch is left with the default account name “admin” and password “admin”. Attackers have lists of default credentials, just as regular users do, and can use them to gain unauthorized access to your equipment.
Insufficient logging, monitoring and backup
Sufficient logging must be enabled, including for unsuccessful authentication attempts against critical infrastructure. Monitoring of those logs should also be implemented, as should periodic backup of critical data, in either an incremental or differential manner. Backups should be tested periodically to make sure they are indeed recoverable.
Utilization of End-of-Life Software
Software that reaches end-of-life should no longer be used in the infrastructure, since no new patches or support will be made available. An example is the use of Python 2 in an environment now that it has reached end of life; Python 3 would be suggested instead.
Use of Known Vulnerable Components
Given the publicly available vulnerabilities associated with known components, organizations should use the least vulnerable components possible. Vulnerable components can often be patched or updated to reduce the vulnerabilities and hence the risk.
Service Misconfiguration or Security Non-Optimization
Some services require additional configuration to enhance security. For example, SSH is a key service critical to infrastructures, allowing remote connectivity and configuration of the corresponding set of systems; it must be properly configured for security. This includes limiting the number of unsuccessful login attempts, which makes it harder for attackers to guess passwords with dictionary attacks using unlimited tries. Password complexity and length requirements should also be raised to complement the limit on tries.
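As an added illustration (not code from the original page), the following Python script audits an sshd_config fragment for the settings described above, comparing a constructed weak configuration with a hardened one; the 4-try and 60-second thresholds are assumed hardening targets, not values taken from this page.

```python
import re

# Constructed sample sshd_config fragments used as input; not taken from any real host.
WEAK_SSHD_CONFIG = """
PermitRootLogin yes
PasswordAuthentication yes
MaxAuthTries 30
LoginGraceTime 10m
# sshd keeps the first value seen for a keyword, so this later line is ignored
MaxAuthTries 2
"""
HARDENED_SSHD_CONFIG = """
PermitRootLogin no
PasswordAuthentication no
MaxAuthTries 3
LoginGraceTime 30
"""
# Values sshd applies when a directive is absent (OpenSSH 7.x+ defaults).
DEFAULTS = {"permitrootlogin": "prohibit-password", "maxauthtries": "6", "logingracetime": "120"}

def parse_sshd_config(text):
    """Map lowercased keyword -> value; the first occurrence wins, as in sshd."""
    settings = {}
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if len(parts) == 2:
            settings.setdefault(parts[0].lower(), parts[1].strip())
    return {**DEFAULTS, **settings}

def to_seconds(value):
    """Convert an sshd time value such as '30', '2m' or '1h' to seconds."""
    match = re.fullmatch(r"(\d+)([smh]?)", value.lower())
    if not match:
        raise ValueError(f"unrecognised time value: {value}")
    return int(match.group(1)) * {"": 1, "s": 1, "m": 60, "h": 3600}[match.group(2)]

def audit_sshd_config(text):
    """Return findings for settings that weaken resistance to password guessing (assumed thresholds)."""
    cfg = parse_sshd_config(text)
    findings = []
    if int(cfg["maxauthtries"]) > 4:
        findings.append(f"MaxAuthTries is {cfg['maxauthtries']}; limit to 4 or fewer")
    if to_seconds(cfg["logingracetime"]) > 60:
        findings.append(f"LoginGraceTime is {cfg['logingracetime']}; limit to 60 seconds or less")
    if cfg["permitrootlogin"] == "yes":
        findings.append("PermitRootLogin is yes; set to no or prohibit-password")
    return findings
```

Note that an empty configuration still produces findings, because sshd's own defaults (6 tries, 120-second grace period) exceed the assumed targets.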
Weak or Non-optimized Wireless Security
When possible, WPA3 should be used and WPA1 should be avoided. The standard is moving away from WPA2 and towards WPA3, but WPA2 is still the most advanced protocol offered on many current-day devices.