NSA, Allies Issue Cybersecurity Advisory on Weaknesses that Allow Initial Access
The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA) and the FBI, along with allied nations, published a Cybersecurity Advisory today to raise awareness about the poor security configurations, weak controls and other poor network hygiene practices malicious cyber actors use to gain initial access to a victim’s system.
“Weak Security Controls and Practices Routinely Exploited for Initial Access” also includes best practices that can help organizations strengthen their defenses against this malicious activity.
“As long as these security holes exist, malicious cyber actors will continue to exploit them,” said NSA Cybersecurity Director Rob Joyce. “We encourage everyone to mitigate these weaknesses by implementing the recommended best practices.”
Some of the most common weaknesses include not enforcing multifactor authentication, incorrectly applying privileges or permissions and errors within access control lists and not keeping software up to date. The advisory recommends mitigations that control access, harden credentials, establish centralized log management and more.
CISA produced the advisory with help from NSA and other partners. That includes the FBI, the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NCSC-NZ) and Computer Emergency Response Team (CERT NZ), the Netherlands National Cyber Security Centre (NCSC-NL), and the United Kingdom National Cyber Security Centre (NCSC-UK) on the advisory. Many of the same cybersecurity authorities collaborated to release a complementary advisory on 27 April, which highlighted the top routinely exploited vulnerabilities from 2021.