There’s no shortage of cyber-attacks making the headlines, but what do they mean for you?
At CyberCX, we keep a close eye on the news to identify reports of the latest trends, issues and exploits.
Here we present a selection of recent news stories that caught our attention, and the important lessons we can learn to keep secure.
Don’t neglect physical security
Wi-Fi is an essential tool that facilitates greater efficiencies. Ensuring the security of the Wi-Fi network helps organisations protect customer and commercial information, personal data and business assets.
Wireless network penetration testing is an important security activity many organisations undertake to ensure their Wi-Fi systems are protected. However, just as important in any risk management framework is the physical security of the premises.
Having comprehensive physical security controls in place can prevent “man-in-the-middle” breaches, in which a Wi-Fi monitoring device is brought into the premises and used to monitor the internet traffic of people who are legitimately connected to the organisation’s Wi-Fi network.
CyberCX’s Security Testing and Assurance team regularly conducts physical environment penetration testing. By undertaking this activity, organisations can implement measures that help strengthen their physical security by preventing unauthorised entry, which in turn helps mitigate the risk of Wi-Fi monitoring.
Our team will analyse physical access points and recommend remediations to ensure only authorised individuals are able to enter your premises. Contact CyberCX to learn how your organisation can incorporate physical environment penetration testing within your overall risk management approach.
Securing your search engine ranking
Websites are critical business assets. Many organisations invest years in improving their search engine rankings in an attempt to drive more traffic to their website. It is therefore important to consider the security of web hosting platforms, such as the popular content management system (CMS), WordPress.
Activities such as web application penetration testing and secure code reviews can help protect WordPress-hosted websites from a range of risks.
In a recent case, a WordPress-hosted website’s code was manipulated, resulting in the traffic being redirected to a server hosting fake e-commerce sites. As a consequence, the website’s strong search engine ranking was undermined, resulting in missed business opportunities.
It is thought such tactics may be used to extract a ransom in exchange for restoring the website’s search ranking.
For any organisation hosting its website on WordPress, it is essential to have strong authentication controls. Any user with access to the WordPress admin should be using strong passphrases and, preferably, multi-factor authentication (MFA).
You can further strengthen your website’s security by conducting regular web application penetration testing and secure code reviews. Such activities should form part of a broader risk management approach and will help you prevent breaches or the insertion of malicious code.
Speak to the CyberCX team to learn how our approach to application security can help your organisation protect this critical asset.
API security for AWS users
Even as cyber defences become more sophisticated, individuals with high-level privileges to specific systems need to be cautious that their publicly available information is not putting them at risk.
Intelligence-gathering on individuals may be conducted in many different ways. A recent report revealed that more than twenty Amazon Web Services (AWS) APIs may inadvertently reveal critical information about specific individuals within an organisation.
Through using an organisation’s publicly available 12-digit AWS account ID, it may be possible to identify the various roles and users in the account.
Through mapping out all the users and roles in the AWS account, any misconfigured user roles may be identified and exploited, or the user could become the target of spear phishing.
The Amazon services that are vulnerable include Amazon Simple Storage Service (S3), Amazon Key Management Service (KMS), and Amazon Simple Queue Service (SQS).
In order to secure AWS APIs, it is essential to have appropriate Identity and Access Management (IDAM) best practices in place. Give consideration to:
- Removing inactive usernames and roles.
- Adding a random string to usernames to make them harder to guess.
- Ensuring proper authentication is required before new users are given access.
- Logging and monitoring all identity authentication activities.
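As an added example (not CyberCX's code), the first item above can be checked mechanically from an IAM credential report: the script below parses a constructed sample in the layout of that report (a subset of its real columns) and flags users with live credentials that have not been used for 90 days, or console users without MFA. The 90-day idle threshold and the fixed clock are assumptions for reproducibility.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample in the column layout of an IAM credential report (subset of columns).
CREDENTIAL_REPORT = """\
user,arn,user_creation_time,password_enabled,password_last_used,mfa_active,access_key_1_active,access_key_1_last_used_date,access_key_2_active,access_key_2_last_used_date
<root_account>,arn:aws:iam::123456789012:root,2020-01-01T00:00:00+00:00,not_supported,2024-05-01T08:00:00+00:00,true,false,N/A,false,N/A
alice,arn:aws:iam::123456789012:user/alice,2021-03-10T09:00:00+00:00,true,2024-05-20T11:30:00+00:00,true,true,2024-05-21T07:45:00+00:00,false,N/A
bob,arn:aws:iam::123456789012:user/bob,2021-03-10T09:00:00+00:00,true,2023-11-02T14:00:00+00:00,false,true,2023-12-01T10:00:00+00:00,false,N/A
svc-legacy,arn:aws:iam::123456789012:user/svc-legacy,2022-07-01T00:00:00+00:00,false,no_information,false,true,N/A,false,N/A
"""

NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)  # assumed fixed clock so results are reproducible

def parse_ts(value):
    """Report timestamps are ISO 8601; N/A / no_information / not_supported mean 'never'."""
    if value in ("N/A", "no_information", "not_supported", ""):
        return None
    return datetime.fromisoformat(value)

def last_activity(row):
    """Most recent use of any credential (console password or either access key)."""
    cols = ("password_last_used", "access_key_1_last_used_date", "access_key_2_last_used_date")
    stamps = [t for t in (parse_ts(row[c]) for c in cols) if t is not None]
    return max(stamps) if stamps else None

def find_stale_principals(report_csv, now=NOW, max_idle_days=90):
    """Return {user: [reasons]} for users worth removing or hardening."""
    cutoff = now - timedelta(days=max_idle_days)
    findings = {}
    for row in csv.DictReader(io.StringIO(report_csv)):
        if row["user"] == "<root_account>":
            continue  # root is reviewed separately; it cannot be deleted
        live = any(row[c] == "true" for c in ("password_enabled", "access_key_1_active", "access_key_2_active"))
        if not live:
            continue  # nothing usable to abuse
        reasons = []
        # A never-used credential counts from the user's creation date.
        seen = last_activity(row) or parse_ts(row["user_creation_time"])
        if seen < cutoff:
            reasons.append(f"no credential use since {seen.date()}")
        if row["password_enabled"] == "true" and row["mfa_active"] != "true":
            reasons.append("console password enabled without MFA")
        if reasons:
            findings[row["user"]] = reasons
    return findings
```

Against a real account, the same CSV comes from `aws iam get-credential-report`; the logic is unchanged.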
Furthermore, web services penetration testing can help mitigate the risks to APIs in your environment. Speak to CyberCX to learn how both IDAM and web services penetration testing can form part of your risk management approach and strengthen your cyber resilience.