Wrixte
  • February 21, 2023
  • wrixte.co

We all know cybercrime is growing rapidly, but since the onset of COVID-19 it has taken a massive jump, and various industry sources say that within just the past 4 weeks cyber threats have grown by 800%. We are in a time when cybersecurity cannot be ignored at all.

In the past 3 weeks many organizations on various levels have faced cyber attacks. I received emails and phone calls inquiring about what better cybersecurity measures they can take to protect their digital assets.

So I decided to write a series of posts on cybersecurity. This is the very first blog of this series:

Many people believe that their business is small and cyber criminals will not target them. It’s a big myth. Cyber criminals do not look at the size or revenue of the business before attacking it. 

Another thing is that the majority of cyber attacks are automated. Cyber criminals configure some automated scripts known as bots and these bots continuously look for vulnerable servers and applications and hit them.

In this whole automated attack process, the size and revenue of the business do not matter at all, as bots or automated scripts are designed to look for vulnerable targets, not at the size and revenue of the business.

Another big myth that the majority of people believe is that SSL/TLS and a firewall protect their business applications and servers.

Let me clarify that SSL/TLS, which stands for Secure Sockets Layer/Transport Layer Security, only ensures secure communication between the client and the server. Even so, having SSL/TLS does not mean that the communication between application/server and clients/users is fully secure. Many other factors are at work here, which I will talk about later.

When it comes to firewalls, most people use the Cloudflare WAF. Cloudflare is a DNS-based web application firewall; it only works when the cyber criminal attacks your website using its domain name. If the attacker uses the IP address of your server to attack the server, then the Cloudflare WAF won’t be able to do anything, as the attacker won’t go through the DNS server.

For cyber criminals it’s not at all a big deal to identify the actual IP address of your web server.

Now the big question is: how can organizations protect their digital assets? What kind of cybersecurity measures should organizations take to protect their IT assets?

Cybersecurity cannot be addressed using any single security solution such as a firewall or IDS/IPS. Organizations should have a strategic multi-layer cybersecurity process to combat and mitigate modern cyber threats.

Some of you may say that multi-layer cybersecurity will be very expensive for small and medium size businesses.

Again, it’s a big myth among corporate leaders that multi-layer cybersecurity will cost a lot of money. In reality, cybersecurity does not require big investments. You simply need to learn and follow some golden rules of cybersecurity, and that will be enough to counter modern cyber threats.

The very first golden rule of cybersecurity is one server, one service. The majority of us use servers where many services are installed, such as multiple programming languages, multiple databases, email servers, FTP services and many other packages and services which are not required at all.

Say your website is built on top of PHP 7.4 and uses MySQL as its database. Technically, your server should then only have PHP 7.4 and MySQL installed, nothing apart from that. But our servers with cPanel and Plesk come with a whole lot of services and application packages which our web application hardly uses, or we install all the unnecessary stuff without understanding anything.

This creates many security issues. More services and packages mean a bigger attack surface for cyber criminals. I have personally witnessed many servers with end-of-life, unsupported, and outdated services installed. Attackers target these outdated services or packages and attack them using various exploits and malware.
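One way to check a server against the one-server-one-service rule, as an added example that is not part of the original post: the Python script below compares listening TCP sockets (in the format printed by `ss -tlnpH`) with an allow-list for the PHP and MySQL web server described above. The allow-list, the process names and the sample output are assumptions constructed for illustration.

```python
import ipaddress
import re

# Assumed allow-list for a PHP + MySQL web server:
# process name -> (expected ports, may it listen on public interfaces?)
ALLOWED = {
    "nginx":   ({80, 443}, True),
    "sshd":    ({22}, True),
    "php-fpm": ({9000}, False),
    "mysqld":  ({3306}, False),
}

# Constructed sample of `ss -tlnpH` output (not captured from a real host).
SAMPLE = """\
LISTEN 0 511    0.0.0.0:80     0.0.0.0:*  users:(("nginx",pid=812,fd=6))
LISTEN 0 128       [::]:22        [::]:*  users:(("sshd",pid=600,fd=4))
LISTEN 0 4096 127.0.0.1:9000   0.0.0.0:*  users:(("php-fpm",pid=850,fd=7))
LISTEN 0 151    0.0.0.0:3306   0.0.0.0:*  users:(("mysqld",pid=901,fd=22))
LISTEN 0 32     0.0.0.0:21     0.0.0.0:*  users:(("vsftpd",pid=700,fd=3))
LISTEN 0 100    0.0.0.0:25     0.0.0.0:*  users:(("exim",pid=650,fd=4))
"""

PROC_RE = re.compile(r'users:\(\("([^"]+)"')

def is_loopback(addr):
    """True for 127.0.0.0/8 and ::1; False for wildcard or public binds."""
    host = addr.strip("[]").split("%")[0]   # drop IPv6 brackets and %iface
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:                      # "*" means every interface
        return False

def audit(ss_output):
    """Return (port, process, reason) for each listener that breaks the rule."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, port = fields[3].rsplit(":", 1)
        match = PROC_RE.search(line)
        proc = match.group(1) if match else "unknown"
        ports, public_ok = ALLOWED.get(proc, (set(), False))
        if int(port) not in ports:
            findings.append((int(port), proc, "service not required on this server"))
        elif not public_ok and not is_loopback(addr):
            findings.append((int(port), proc, "should listen on loopback only"))
    return findings

if __name__ == "__main__":
    for port, proc, reason in audit(SAMPLE):
        print(f"{port:>5}  {proc:<8} {reason}")
```
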

Another golden rule of cybersecurity is: always install security patches on your servers and keep the servers fully updated.

Nothing is immune to cyber threats, and no software developed in this world is vulnerability-free. Organizations continuously test their software and release security patches. Microsoft releases security patches on the second Tuesday of each month.

When it comes to Linux, they are considerably faster than Microsoft. The average vulnerability patch release time for Linux is just 7 hours. So keep an eye on security patch releases, install them as early as possible, and keep your servers secure and immune to cyber attacks.

Continuously perform vulnerability scans to discover any hidden vulnerability which can be exploited. Perform the vulnerability scan, identify vulnerable ports and services, and patch them before they get exploited by any cyber criminal, automated script or bot.

That was the process part. Now it’s time to focus on the cybersecurity controls that you need to have in your network or on your servers.

  1. Make sure you have proper access control and authentication mechanisms on your applications and servers. Public-facing applications should be executed using a no-shell, no-login user.
  2. Harden your Linux server; enable iptables and SELinux. Only open required ports publicly.
  3. Only use strong usernames and passwords. Don’t use well-known usernames such as Admin, Administrators etc. Passwords should be at least 14 characters long and should be made using a combination of upper case, lower case, numeric and special characters. Along with a password policy, organizations should also have a strong username policy to better address cybersecurity.
  4. Use a server-based web application firewall along with a DNS-based firewall such as Cloudflare for additional layers of protection.
  5. Install SSL/TLS certificates to ensure communication-level security. The SSL protocol is outdated and insecure; it was replaced by the TLS protocol long ago. Make sure you use TLS 1.2 or higher, as anything lower than TLS 1.2 is vulnerable and insecure.
  6. The TLS 1.2 certificate size should be at least 2048 bits.
  7. Another very important activity is log monitoring. Keep an eye on system logs, as logs will give in-depth information about your system activities.
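Items 1 and 3 of the list above can be checked mechanically. The following Python script is an added example, not code from the original post: it audits `/etc/passwd`-style entries for service accounts that can log in and for well-known usernames, and tests a candidate password against the 14-character, four-class rule. The service account names and the passwd excerpt are assumptions constructed for illustration.

```python
import string

NOLOGIN_SHELLS = {"/usr/sbin/nologin", "/sbin/nologin", "/bin/false"}
WELL_KNOWN = {"admin", "administrator", "administrators"}  # names from item 3
SERVICE_ACCOUNTS = {"www-data", "webapp"}  # assumed accounts running public apps

# Constructed /etc/passwd excerpt (not taken from a real host).
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
webapp:x:998:998::/srv/webapp:/bin/bash
Admin:x:1000:1000::/home/Admin:/bin/bash
k.osei-ops:x:1001:1001::/home/k.osei-ops:/bin/bash
"""

def audit_accounts(passwd_text):
    """Return (user, reason) for accounts that break item 1 or item 3."""
    findings = []
    for line in passwd_text.splitlines():
        parts = line.split(":")
        if len(parts) != 7:          # skip malformed or empty lines
            continue
        user, shell = parts[0], parts[6]
        can_login = shell not in NOLOGIN_SHELLS
        if user in SERVICE_ACCOUNTS and can_login:
            findings.append((user, "service account has a login shell"))
        if user.lower() in WELL_KNOWN and can_login:
            findings.append((user, "well-known username can log in"))
    return findings

def password_problems(password):
    """Return the list of rules from item 3 that the password fails."""
    problems = []
    if len(password) < 14:
        problems.append("shorter than 14 characters")
    classes = {
        "upper case": str.isupper,
        "lower case": str.islower,
        "numeric": str.isdigit,
        "special": lambda c: c in string.punctuation,
    }
    for name, test in classes.items():
        if not any(test(c) for c in password):
            problems.append(f"no {name} character")
    return problems

if __name__ == "__main__":
    for user, reason in audit_accounts(PASSWD):
        print(f"{user}: {reason}")
    print(password_problems("Summer2023!"))
```
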

It’s a big list of activities. In my upcoming blog, I will talk about how you can execute these cybersecurity activities in your organization. I will share details about the tools and techniques which can help you deploy all the required cybersecurity measures.

Thank you for reading.
