1.0 Attacks, Threats, and Vulnerabilities
1.6 Security Concerns Associated with Vulnerabilities
Cloud-Based Vulnerabilities - Vulnerabilities in a cloud environment. More exposed to targeting, data breach/loss, potential privacy issues
On-Premises Vulnerabilities - In-house data center; requires regular maintenance and additional fault resilience, more susceptible to physical events (nature, power outage)
Zero-Day Vulnerabilities - A previously unknown vulnerability/exploit
Weak Configurations
Open Permissions - No authentication requirements.
Unsecure Root Accounts - Admin (root) accounts with no authentication.
Errors - Error messages should not include so much detail that they give an attacker extra info on a network/system; they just need to be specific enough to say where to look.
Weak Encryption - Obsolete encryption methods, encryption that can easily be decrypted.
Unsecure Protocols - Unencrypted protocols
Default Settings - OEM/factory-set (public) credentials
Open Ports and Services - Open ports are open to communication and can be targeted; manage ports and traffic flow with a firewall.
Third-Party Risks
Vendor Management - Managing and monitoring vendor risk and vulnerabilities
System Integration - Third-party devices or access inside the network
Lack of Vendor Support - Vendor doesn't patch vulnerabilities or is slow to patch them.
Supply Chain - Vulnerabilities in the sources that your capabilities are built from.
Outsourced Code Development - Third-party developers; isolate them from the production environment.
Data Storage - On-prem or in the cloud; needs proper protocols in place to secure it and set access controls.
Improper or Weak Patch Management
Firmware - Often not patched regularly, which can leave devices vulnerable.
Operating System (OS) - Vulnerabilities in the core software running a device
Applications - Software exploits
Legacy Platforms - No longer supported, retired software/hardware still in use
Impacts
Data Loss - Hardware failure or malicious removal; can potentially ruin a business.
Data Breaches - Access to data, can lead to extortion, potential loss of profits
Data Exfiltration - Malicious data transfer, unauthorized, can lead to ransomware/extortion
Identity Theft - Can lead to financial damages or unintended authorization
Financial - Interruption of business, loss of profits, unauthorized money transfers
Reputation - Loss of trust in the business
Availability Loss - Denial of service, loss of profits