Penetration Testing with Kali Linux OffSec
|
|
denial of service
. 63 On February 24, 2022, at the beginning of the Russian invasion of Ukraine, Viasat’s 64 satellite broadband service was hit by a Denial of Service (DoS) attack that brought down satellite internet for Ukrainian customers, including the Ukrainian government and military. This attack utilized a then-novel wiper malware known as AcidRain . The impact 65 of this attack was that Viasat’s satellite internet was temporarily unavailable in Ukraine at a critical moment at the beginning of the invasion, disrupting communication and coordination. Very little information is available about how this attack unfolded. Viasat stated that a VPN “misconfiguration” allowed initial access. Though it is unclear what the specific misconfiguration was, this attack could have been prevented by ensuring proper VPN configuration. It is possible that this attack could have been prevented - though we should acknowledge the well-known difficulties associated with prevention - by following general guidance for defending against Advanced Persistent Threats (APTs). 66 This guidance suggests ensuring complete visibility into one’s environment, engaging in threat intelligence, and performing threat hunting, among other recommendations. 3.3.4 Balancing the Triad with Organizational Objectives Before concluding this section, let’s zoom out and consider how prioritizing the CIA triad can impact an organization. In particular, an important nuance to consider is that security controls themselves can sometimes be a detriment to availability. Extremely strong security isn’t always optimal for an organization. If security is so strong that users are not able to use the systems, or frequently become frustrated with the systems, this may lead to inefficiency, low morale, and potentially the collapse of the organization. Balancing security controls with availability is a critical and continuous process of evaluation, exploration, threat modelling, discussion, testing, and release. Making rules that prevent employees from participating in improvements is an easy way to ruin a security program. Security 62 (CrowdStrike, 2022), https://www.crowdstrike.com/blog/technical-analysis-of-whispergate-malware/ 63 (Wikipedia, 2021), https://en.wikipedia.org/wiki/Denial-of-service_attack 64 (Viasat, 2022), https://www.viasat.com/about/newsroom/blog/ka-sat-network-cyber-attack-overview/ 65 (Sentinel One, 2022), https://www.sentinelone.com/labs/acidrain-a-modem-wiper-rains-down-on-europe/ 66 (CrowdStrike, 2022), https://www.crowdstrike.com/cybersecurity-101/advanced-persistent-threat-apt/ Penetration Testing with Kali Linux PWK - Copyright © 2023 OffSec Services Limited. All rights reserved. 44 is everyone’s responsibility, and processes that receive feedback from the entire organization as well as educate employees about how to use the controls are typically important to a successful security program. 3.4 Security Principles, Controls, and Strategies This Learning Unit covers the following Learning Objectives: • Understand the importance of multiple layers of defense in a security strategy • Describe threat intelligence and its applications in an organization • Learn why access and user privileges should be restricted as much as possible • Understand why security should not depend on secrecy • Identify policies that can mitigate threats to an organization • Determine which controls an organization can use to mitigate cybersecurity threats 3.4.1 Security Principles During this Learning Unit, we’ll begin to explore a few Yüklə Dostları ilə paylaş:
|