Penetration Testing with Kali Linux OffSec


Page 22/132
Date: 21.12.2023
PEN-200

denial of service.[63]
On February 24, 2022, at the beginning of the Russian invasion of Ukraine, Viasat’s[64] satellite
broadband service was hit by a Denial of Service (DoS) attack that brought down satellite internet
for Ukrainian customers, including the Ukrainian government and military. This attack utilized a
then-novel wiper malware known as AcidRain.

The impact[65] of this attack was that Viasat’s satellite internet was temporarily unavailable in
Ukraine at a critical moment at the beginning of the invasion, disrupting communication and
coordination. Very little information is available about how this attack unfolded. Viasat stated that
a VPN “misconfiguration” allowed initial access. Though it is unclear what the specific
misconfiguration was, this attack could have been prevented by ensuring proper VPN
configuration.

It is possible that this attack could have been prevented - though we should acknowledge the
well-known difficulties associated with prevention - by following general guidance for defending
against Advanced Persistent Threats (APTs).[66] This guidance suggests ensuring complete
visibility into one’s environment, engaging in threat intelligence, and performing threat hunting,
among other recommendations.

3.3.4 Balancing the Triad with Organizational Objectives

Before concluding this section, let’s zoom out and consider how prioritizing the CIA triad can
impact an organization. In particular, an important nuance to consider is that security controls
themselves can sometimes be a detriment to availability. Extremely strong security isn’t always
optimal for an organization. If security is so strong that users are not able to use the systems, or
frequently become frustrated with the systems, this may lead to inefficiency, low morale, and
potentially the collapse of the organization.

Balancing security controls with availability is a critical and continuous process of evaluation,
exploration, threat modelling, discussion, testing, and release. Making rules that prevent
employees from participating in improvements is an easy way to ruin a security program. Security
is everyone’s responsibility, and processes that receive feedback from the entire organization as
well as educate employees about how to use the controls are typically important to a successful
security program.

[62] (CrowdStrike, 2022), https://www.crowdstrike.com/blog/technical-analysis-of-whispergate-malware/
[63] (Wikipedia, 2021), https://en.wikipedia.org/wiki/Denial-of-service_attack
[64] (Viasat, 2022), https://www.viasat.com/about/newsroom/blog/ka-sat-network-cyber-attack-overview/
[65] (Sentinel One, 2022), https://www.sentinelone.com/labs/acidrain-a-modem-wiper-rains-down-on-europe/
[66] (CrowdStrike, 2022), https://www.crowdstrike.com/cybersecurity-101/advanced-persistent-threat-apt/

PWK - Copyright © 2023 OffSec Services Limited. All rights reserved.

3.4 Security Principles, Controls, and Strategies

This Learning Unit covers the following Learning Objectives:

• Understand the importance of multiple layers of defense in a security strategy
• Describe threat intelligence and its applications in an organization
• Learn why access and user privileges should be restricted as much as possible
• Understand why security should not depend on secrecy
• Identify policies that can mitigate threats to an organization
• Determine which controls an organization can use to mitigate cybersecurity threats

3.4.1 Security Principles

During this Learning Unit, we’ll begin to explore a few 
