NSA Hacker spills the beans of how to break into SMBs
Keeping your business’s data and server safe from cyber-attacks is hard work even if you know what you’re doing. This is compounded with the fact that the sophistication of hackers has steadily increased due to the readily available hacking tools available today on the internet.
This means SMBs are going to have be diligent and hunt for new ways to protect themselves. This includes consulting with experts and in this case an expert hacker. In a recent talk at Usenix Enigma Security Conference, Rob Joyce, details some of the security flaws and holes he uses to break into companies. Joyce who is the part of NSA’s Tailored Access Operation team, is in charge of breaking in and letting foreign adversaries and companies know of weak spot or weaknesses in their network.
Joyce who has been has a hacker with NSA for 25 years, recently became the head of the TAO team details some of the best IT security practices to practices companies and SMBs from NSA, hackers and intruders who want to break into their network and steal their data.
A list of the top security recommendations will be posted below.
1. Protect your credentials.
Having easy to crack or unencrypted passwords is a sure-fire way for hackers and intruders to gain access to your network.
Matter of fact, NSA targets and specifically looks for login credentials of network administrators and other high level IT professionals, as it gives them the permissions over network access and privileges they can use to infiltrate and make swizz cheese out of your network.
But this isn’t the only way to break into a network, as hardcoded passwords into software or transmitted in the clear old, legacy protocols, help the NSA gain access and navigate a network once inside.
This is why it’s important to ensure you’re passwords are properly encrypted and are secure. This ensures that it will be harder for an intruder to brute force their way into your network because an end-user had a weak password.
Additionally having your IT staff or IT outsourced provider introduce a password or workshop program on the best practices of storing, creating and using passwords can help protect SMBs from intruders and keep their data safe. This is mutually beneficial as it educates your staff on the best ways to not only store, but use passwords, and ensures that your IT staff are able to introduce and control the specific practices they think is best for your SMB.
This is one of the easiest and most overlooked cyber security practices a SMB can undertake to protect their staff and network.
2. Vulnerabilities can prove disastrous.
Due to the constant pace of technological innovations, and software patches, existing systems have vulnerabilities that if not updated can prove an easy way to break into your network.
This recently happened with Internet Explorer version 6-10, in which Microsoft stopped support and as such leaves many users who are still using IE version 6-10 exposed to vulnerabilities and exploits from intruders looking for a quick fix.
In his talk Joyce details some of the problems that having vulnerabilities in your SMBs network could have in your business, no matter the scope or size. The simple fact that you may pass a penetration test and get 97%, the last 3% could be targeted by intruders and hackers to break into your network and get their hands on your data.
This is why it’s important to routinely ensure your entire IT infrastructure is up to date and regularly checked for vulnerabilities in the system, through performing penetration tests. This will allow you to know if there are any weaknesses or vulnerabilities in your network, allowing you the time and space to patch and fix these irregularities before they are attacked by intruders and hackers.
This is why it’s important for SMBs to have a properly functioning IT staff or IT support provider who is equipped and knowledgeable about how to best secure and keep their network safe. Not doing so, can prove disastrous for businesses.
This can be further outreached with any applications that your SMB are using. This is because these applications will have access to your network and can prose a security risk they themselves have vulnerabilities or exploits with their software. Therefore it’s impertinent to ensure your cyber security is functional and that you also perform and routinely update to the latest firmware or use applications that you can trust.
Additionally, you want to also define and set parameters for any applications you are using. This will limit and act as a proactive step in ensuring if any applications is corrupted or exploited, it won’t impact or harm your entire network. This is because it will take administrative privileges to leave any lasting changes on your computer and downgrading these application won’t give them the resources or privileges to do so, leaving your entire network safe and sound in the time of an incident.
3. BYOD can prose unneeded security threats.
With the introduction of mobile devices in the workplace, this poses a new security risk for SMBs, for the simple that any BYOD policy will have to take into considerations the multiple uses of mobile devices, number of workers, sensitive data, and implement a proactive preventative plan in case of lost, stolen or hacked devices.
Allowing third-party games and applications on your phone is something that SMBs have to be mindful off. This third-party applications can host malware and leak your personal information and pose as a way into the confidential data held on your phone. This can be problematic for employees who are using their own mobile devices at work.
To prevent against this, it’s important to implement a strict mobile environment for work related to business or providing mobile devices to your workforce that they can use only during their work hours. This prevent against third-party software and malware being installed and having access to your network.
Additionally making use and installing security tools and applications on your mobile devices can ensure your data is continually protected against malware and exploits. This is because mobile devices are easy targets for malware due to their inability and lack of security present on the devices and with the lack of security practices by the majority of users, it makes it an easy target for hackers and intruders looking to get access to your data. Running and having security software on your device is something SMBs have to do.
4. Make it harder to break in.
Getting access to your entire network could be an easy task if you aren’t careful. Therefore making it harder to break into your network should be your first and foremost priority. Conducting routinely penetration tests can help illuminate and inform SMBs about weakness in their system and allow them the space and knowledge to improve and fix these issues before they become a major problem.
This is because it trains your team to think like hackers and how they would want to break into your own network, and when combined with your existing knowledge of cyber security can give you the upper hand to proactive patch and fix issues before they ever poses a threat to your IT network.
Additionally segmenting and making use of virtual systems can prove an interestingly proactive step in keeping you safe. This is because creating separate virtual environment or segmenting systems, allows you to the space and security to only housed information in one silos, keeping it safe in the event of a security breach or hack. This means only that infected environment will be lost, while the rest of your system stay intact and protected. This can be used for programs that are out of date, a practice zone for penetration tests, or used to host important data. Making use of virtual or segmented virtual environments is an easy and proactive step that the majority of businesses could take advantage of to make their business more secure and safe, by adding more an additional layer of security to their already existing security system.
Another precautionary step is application whitelisting. This is the practice of preventing unauthorized programs from running without permission and prevents against from harmful programs from running and installing malware, viruses or hacks. This can also prevent your computers from using unnecessary resources without your permission. Taking advantage and making use of application whitelisting is a relatively easy proactive step SMBs can use to protect their computers from hacker, exploits and malware.
For more information regarding virtual server management visit our service page.
5. Be diligent who you let into your network.
If you’re an SMB who outsources their IT or using managed services , it’s important for you to ensure you are duly protected and not giving up access to your entire network.
This is because a lot of companies end up giving permission and access to their network to a third-party and forget to remove those permission once their contract is done or leave it in tact and risk being attacked if the third-party company is infected.
To ensure your SMBs safety you have to be diligent and make sure to remove or only grant certain permission or access to your network, as this prevent unauthorized use or mismanaged use of resources and keeps your SMB safe.
This also applies to employees, as you only want to grant certain permissions and access to network according to their use and demand of workload. You shouldn’t be giving the secretary access to your entire IT infrastructure and similarly you should be giving access to your entire IT infrastructure to the director of IT. This prevent any unauthorized or weak points due to inexperience or knowledge level.
Additionally this also applies to employees who are no longer with your company. You want to remove their access to your network as this prevent from the revenge or unauthorized access to your data and privacy.
Being diligent and proactive about access and permissions you grant to your network is an easy fix and can prevent against problems in the long-term.
With the level of sophistication of hackers increasing year after year, it’s the responsibility of Canadian SMBs to ensure their cyber security is up to date and diligent to ensure their network is safe and sound from hacker, intruders, and exploits.