SysAdmins Should Lose Exclusive Root Access, Pen Testers Say
System aministrators should not be the only ones with root access rights in a company, penetration testers Aaron Beuhring and Kyle Salous said, according to The Register. To help enterprises deter hackers, the researchers shared a series of security commandments at the recent MIRCon conference in Washington.
Companies should first make targeted malware too expensive by hardening their systems, the pen testers advised. Enterprises could also implement low-cost security measures such as changing access controls, whitelisting and efficient group policies.
You can train users all you want, but unless they are reverse-engineers, they aren’t going to stop clicking things,” Aaron Beuhring said. “We’re not saying whitelisting is easy. You need to create inventory of programs you run and you need to understand the protocols they run on.”
To understand what is being used, enterprises should place their application control systems into “listening mode,” the pen testers said. Companies should also have several administrators for their systems, while regular employees should never be given admin rights.
“None of your users should ever log in as administrator,” Kyle Salous added. “Create a separate admin account for everyone in your tech department. Every time we make attackers` work harder is an opportunity to detect their activity.”
The two researchers also talked about Cryptolocker and its “cool aspect of encrypting all the data.” The ransomware, which Bitdefender has technically documented since 2013, made headlines this year after infecting the systems of over half a million victims.
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021
The Top Five Security Risks Smartphone Users Face Today
July 02, 2021
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials
July 02, 2021
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger
June 30, 2021
FOLLOW US ON
You might also like
August 05, 2021
August 04, 2021
August 03, 2021