2 min Security

Default passwords are main threat to businesses

Default passwords are main threat to businesses

The digital entrance to businesses is still too often open due to default passwords. This culprit is identified by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA).

Too many employees do not change the default passwords they get to use software, systems and applications of the business. Often, they are simple passwords such as “Admin123” that are easy to guess. Moreover, these default passwords allow hackers to break into the digital environments of multiple employees.

The findings come from a cybersecurity advisory issued by CISA and NSA. That advisory is there to make software developers aware of secure-by-design principles. Software and applications that are the product of these principles are inherently secure.

Logical but often forgotten

While the risk of default passwords may be logical for IT administrators, their work does not stay out of the top three threats either. The second place is taken by “improper separation of user and administrator privileges.” By this, the organizations refer to IT administrators assigning different user roles to a single user. That’s a problem if it puts sensitive data in the hands of employees who do not have any business in having this data.

The third risk also has to do with these permissions. “Insufficient network monitoring” is this risk, and networking does become impossible if employees are given too many rights. In this case, it is no longer possible to see through these monitoring tools if an employee is viewing digital data that it does not need to do its job.

Moreover, user rights are a quick way to limit hackers’ actions should they enter an account. An account that only has access to a few online parts is much less valuable to hackers. They will only get their hands on a few parts of an organization and will have to hack into other accounts to extract valuable information.

Rounding out the top ten are:

  • 4. Lack of network segmentation
  • 5. Poor patch management
  • 6. Bypassing of system access controls
  • 7. Weak or misconfigured multifactor authentication (MFA) methods.
  • 8. Insufficient access control lists (ACLs) on network shares and services
  • 9. Poor credential hygiene
  • 10. Unrestricted code execution

Also read: As fear of cyber threats rises, organizations have to review their security strategy