The NSA (National Security Agency), in conjunction with CISA (Cybersecurity and Infrastructure Security Agency), has released an advisory to educate the wider public on its findings relating to the top ten cyber security misconfigurations.
The guidance aims to help organisations identify and remediate the potential security flaws in order to harden defences.
The list below of the top misconfigurations was compiled from the findings of both offensive and defensive assessments conducted by the NSA and CISA threat hunt and incident response teams.
Default configurations of software and applications
Improper separation of user/administrator privilege
Insufficient internal network monitoring
Lack of network segmentation
Poor patch management
Bypass of system access controls
Weak or misconfigured multifactor authentication (MFA) methods
Insufficient access control lists (ACLs) on network shares and services
Poor credential hygiene
Unrestricted code execution
Highlighting these misconfigurations shows organisations that the problems they face are not unique to them.
It may also identify areas that are being overlooked and, given how widespread they are, warrant prompt attention, as well as pinpoint weaknesses that threat actors could potentially exploit.
In the advisory, as well as highlighting potential areas for improvement, there are sections dedicated to providing mitigation advice.
To some, this information may appear routine or cliché. However, the advisory is evidence that organisations are not adequately addressing these problems. Those in a position to implement technical changes are therefore encouraged to review the advisory and consider implementing changes - where appropriate - or to use it to strengthen their discussions about the threat that any existing problems pose.