To attack the information and communication systems of Ukrainian organizations, attackers use various methods and vulnerability exploitation techniques. Experts from the State Cyber Protection Center of the State Service of Special Communication and Information Protection of Ukraine named the 5 most common vulnerabilities, reports UNN.
Details
Among the most common vulnerabilities, cyber experts named the following:
- using outdated (vulnerable) operating systems
and software;
- excessive number of open services on ARM
(Application Performance Monitoring) and
servers, the use of which is not dictated by production necessity;
- deficiencies in network equipment settings,
in particular, the lack of properly configured access control lists;
- failure to comply with cyber hygiene requirements;
- specifics of using remote access.
To avoid problems, experts recommend following these steps:
- regularly update operating systems and software
to the latest versions. This can significantly improve the speed and
efficiency of programs;
- use a firewall to limit access
to only allowed IP addresses, implement a whitelist of allowed services
and block all others;
- use strong passwords – they should consist
of at least 12 characters and be changed every 90 days;
- use a VPN (virtual private network)
exclusively with strong encryption algorithms.