Applications to Protect Against The Latest Vulnerabilities
CIS502 discussion post responses.
Respond to the colleagues' posts regarding:
Detective and Preventative Measures
Ideally, an organization can avoid incidents completely by implementing preventive countermeasures. When an incident does occur, an organization will want to detect it as soon as possible. Intrusion detection and prevention systems are some of the ways that organizations detect incidents. Security professionals need to understand common attack methods so that they can take proactive steps to prevent them. Select a common attack, describe the attack and how organizations attempt to prevent the attack from happening, and explain how they detect and respond to the attack. Research current news for attacks for the example you have provided.
AM’s post states the following:
A common attack that organizations can suffer from is credential stuffing, which in some cases can fall under the brute force attack category, in addition to being facilitated by bots and botnet usage for automation. Credential stuffing is an automated attack against a website or application’s login system.
It relies on hackers taking username-password combos that have been leaked from data breaches at other companies and attempting to use these leaked credentials to gain access to accounts on other sites.
Organizations like Dunkin Donuts utilized a third-party vendor to identify login attempts, as well as utilizing authentication logs and authentication attempts from the same IP address or address space, or by monitoring specific accounts as well.
In the case of Dunkin, they notified their consumers through a press release and forced a password reset, but also replaced impacted DD Perks account numbers and value cards. To be proactive, a company may want to require periodic password resets to address potential credential stuffing attacks as part of their overall risk management.
This is important because companies like Google and Facebook provide authentication services for other websites, services, and applications. Accessing one account can lead to the use of other accounts as well.
Sources
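The detection approach AM's post mentions (authentication logs, attempts from the same IP address or address space, and the follow-up password reset) can be sketched as follows. This is an added example, not part of either colleague's post; the log format, the thresholds and the function names are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample auth log (timestamp, source IP, username, result); not real data.
SAMPLE_LOG = "\n".join(
    [f"2024-05-01T10:00:{i:02d} 203.0.113.{10 + i % 3} user{i} FAIL" for i in range(12)]
    + ["2024-05-01T10:00:30 203.0.113.11 carol OK",   # a leaked password worked
       "2024-05-01T10:01:00 198.51.100.7 dave FAIL",  # ordinary typo, then success
       "2024-05-01T10:01:05 198.51.100.7 dave OK",
       "2024-05-01T10:02:00 192.0.2.44 erin OK"]
)

def parse(log_text):
    """Yield (ip, username, succeeded) for each well-formed line; skip the rest."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[3] not in ("OK", "FAIL"):
            continue
        try:
            ip = ipaddress.ip_address(parts[1])
        except ValueError:
            continue
        yield ip, parts[2], parts[3] == "OK"

def detect_stuffing(log_text, prefix=24, min_users=10, min_fail_ratio=0.8):
    """Group attempts by source network and flag networks that try many
    distinct usernames with a high failure ratio (hypothetical thresholds)."""
    stats = defaultdict(lambda: {"users": set(), "ok_users": set(), "fail": 0, "total": 0})
    for ip, user, ok in parse(log_text):
        # The prefix is tuned for IPv4; IPv6 sources would need their own prefix length.
        net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
        s = stats[net]
        s["users"].add(user)
        s["total"] += 1
        if ok:
            s["ok_users"].add(user)
        else:
            s["fail"] += 1
    findings = {}
    for net, s in stats.items():
        if len(s["users"]) >= min_users and s["fail"] / s["total"] >= min_fail_ratio:
            # Accounts that logged in from a flagged network are reset candidates.
            findings[str(net)] = sorted(s["ok_users"])
    return findings
```

Grouping by network rather than by single address catches attempts spread across neighbouring addresses, and the returned account list corresponds to the forced password reset step described in the post.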
JJ’s post states the following:
The most common way for attackers to penetrate a network is through a phishing attempt. The attacker may send a seemingly innocent email to a colleague or you with a malicious link or an infected file attached.
Then, once the file is downloaded — the targeted person usually has no idea what they’ve done — the malware can infect your system and encrypt files on your computer, which locks users out and restricts access to them, and spread across your company’s network and infect other computers.
Ransomware is a big problem that is continuing to grow. The methods used in ransomware are growing more sophisticated. Companies that use weak and insecure remote credentials are using the backdoor to get in. The latest victim is DCH Health System. Their computers were infected because their network was penetrated. They cannot see new patients. Many healthcare systems are locked down by vendors, so healthcare systems often can’t be patched in the same way other sectors can patch. This means that healthcare organizations have to take other measures to protect themselves. The healthcare industries do not invest enough into their IT infrastructure. In research conducted by Trend Micro, internet-connected medical-related devices and systems were analyzed, leading to the uncovering of exposed medical systems, healthcare software interfaces, and even misconfigured hospital networks. These exposed systems and devices can be abused by cybercriminals to infect hospitals with operation-halting threats, for example, the ransomware variant that caused the IT system outage in the three DCH Health System hospitals.
- Avoid opening unverified emails or clicking links embedded in them.
- Back up important files using the 3-2-1 rule: Create 3 backup copies on 2 different media with 1 backup in a separate location.
- Regularly update software, programs, and applications to protect against the latest vulnerabilities.