Unintentional Security Issues

Easy the users and admins are humans and humans made mistakes 

There were many times that because a mistake made by a human the system fail an thats a real issue when for example that human works at AWS and unintentionally breaks the internet of half of USA.

 It’s human to make errors but thankfully these errors can be 100% prevented. A mixture of strategies may help to prevent human errors from turning into security incidents.
When looking at attacks today, most people think external attacks are the biggest problem for organizations and where they need to focus most of their energy. However, it is important to distinguish between the source of an attack and the cause of damage. While the source of most attacks is absolutely external, the cause of damage is often the accidental insider. Adversaries recognize that it is too hard to directly break into servers and compromise an organization externally. It is much easier to target an insider, trick that person into opening an attachment or clicking on a link through social engineering, and then leverage his system as a point of compromise.  In many cases, the activity that is used to compromise an insider typically revolves around executable attachments, macros in office documents and HTML embedded content. What can an organization do to properly protect itself against insider threats? Most organizations believe greater security awareness is the answer to minimizing accidental insider attacks; this means ensuring employees better understand the dangers and exposures. While I am a big fan of awareness, organizations have to remember that no solution will solve every problem.  Awareness is good for basic attacks where there is something visibly wrong with the email or information received by the user. However, with advanced adversaries and more sophisticated phishing attacks, the information received looks identical to real communication, thus the reason it is often successful. Awareness will not help in this case. The solution to these sophisticated attacks is to remove the vector of attack.  Insider threats are often targeted by attachments in email or embedded Web links that are used to cause harm and compromise a system. The following are four categories of actionable controls that enterprises can put in place to minimize the harm of the unintentional insider attacks.

Comentarios

Publicar un comentario

Entradas más populares de este blog

Best Practices for DDoS

I found this  doc ument from Google that explains the best practices to this cases. GCP load balancing solution has DDoS mitigations built-in lowering the attack surface: configure ingress firewall rules (like iptables) network load balancing has port filtering. Any port that is not loadbalanced is dropped by GCP highly scaling frontend infrastructure HTTP/HTTPS loadbalancing can absorb and protect from IP spoofing and large SYN flood attacks. it has also fair-share allocation built-in  And Google Cloud Platform provides a number of features to defend against DDoS attacks. You can use these in conjunction with the above mentioned best practices and other measures tailored to your requirements to make your GCP deployment resilient to DDoS attacks. 
Leer más

Ethical issues security professionals

Physicians, attorneys and other professionals whose job duties affect others' lives usually receive, as part of their formal training, courses that address ethical issues common to their professions. IT security personnel often have access to confidential data and knowledge about individuals' and companies' networks and systems that give them a great deal of power. That power can be abused, either deliberately or inadvertently. But there are no standardized training requirements for hanging out your shingle as an IT security consultant or in-house security specialist. Associations and organizations for IT pros are beginning to address the ethical side of the job, but again, there is no requirement for IT security personnel to belong to those organizations. Why are ethical guidelines needed? The education and training of IT professionals, including security specialists, usually focuses on technical knowledge and skills. You learn how to perform tasks, but with little
Leer más

Operating System Security

Dentro de los principales sistemas operativos MacOS es de los más importantes, el día de ayer se descubrió una vulnerabilidad que permitía que un usuario invitado tuviera privilegios de administrador con un simple cambio en el nombre del usuario y varios enters, Pueden ver el descubrimiento original aquí Lo más interesante de esto es que 19 horas más tarde Apple ya tenia disponible en su centro de descargas una actualización al sistema operativo que solucionaba el problema. No existe sistema perfecto pero la velocidad de reacción y el compromiso de los creadores a mantenerlo seguro, confiable y funcional es lo que hace que sus usuarios permanezcan ahí.
Leer más