Monitoring account logins to organizational servers and workstations is essential to identifying password cracking efforts, just as securing your front door is essential to protecting your home. Cybersecurity intruders are driven by the desire to access private information and systems, or to utilize that access to change their focus and move on to more lucrative targets like supply chain partners. According to the 2019 Verizon Data Breach Investigation Report, an astounding 80% of hacking-related breaches include weak or compromised credentials (DBIR).
Some essential techniques for reducing the attack surface include updated password procedures and login hygiene. Avoid recycling passwords—also referred to as using the same password across different accounts—such as personal and professional ones. Here are 5 easy ways to endure login attacks:
1. Implement behavior analytics: User and Entity Behavior Analytics (UEBA) capabilities serve as the benchmark for average user performance and can be used to spot suspicious activities such as logins from atypical or uncommon device or from logins that occur at odd times or locations. Insider irregularities and outside dangers can be quickly found using behavior analytics. Your user behavior cannot be stolen by hackers, even though they may be able to take your identity.
2. Secure privileged account logins by implementing two-factor authentication for privileged account users with “VIP” access to Active Directory and Domain Controllers, such as sysadmins. The temptation to turn every executive into a “super user,” which raises organizational risk, is reduced by policies of least privilege and role-based access control (RBAC) capabilities.
3. Improve security awareness training: Stress the significance of secure login procedures and good password hygiene. Since users are the weakest link, give advice on avoiding oversharing on social media that can reveal weak password details like a user’s birthdate, birthplace, or children’s names, for example.
4. Adopt the latest NIST password guidelines: The National Institute of Standards and Technology (NIST) recently released NIST 800-63, which contains long-overdue updates and suggestions for passwords and digital identities. The recommendations include eliminating certain complex letter and number password combinations, removing periodic password changes that merely prompt users to write them down or forget them, and comparing new user passwords against lists of both frequently used passwords and compromised passwords that have already been made public and likely offered for sale on criminal forums.
5. Decrease your attack surface by finding ways to get rid of legacy technology and antiquated procedures that could compromise your cybersecurity. By reducing the “blast radius” for hackers, segmentation, which divides key applications on your network into subsections, can improve control, performance, and cybersecurity. In order to reduce drift over time and spot unmanaged devices, such as those from rogue employees or visiting vendors, it’s crucial to continuously inventory your infrastructure.
Learn more about protecting your business. CYB3R-X can help!
