US-CERT Shares Ways to Avoid Cyber Incidents
The Department of Homeland Security’s United States Computer Emergency Team (US-CERT) has just released a new cyber alert titled "The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations" (September 28, 2016). In plain English, the document outlines consequences for three different types of attacks:
- If your computer network infrastructure is compromised, malicious hackers or adversaries can gain full control of the network infrastructure; compromise your SCADA or business records; publish confidential information; and even prevent you from using your own data (denial of service).
- Intruders with infrastructure privilege and access can impede productivity and severely hinder re-establishing network connectivity. Even if other compromised devices are detected, tracking back to a compromised infrastructure device is often difficult.
- Malicious actors with persistent access to the network (disgruntled employees, unhappy vendors).
In the new alert, US-CERT offers six practical ways to enhance the integrity and security of your computer infrastructure.
- Segregate Networks and Functions
- Limit Unnecessary Lateral Communications
- Harden Network Devices
- Secure Access to Infrastructure Devices
- Perform Out-of-Band Management
- Validate Integrity of Hardware and Software
The full document can be downloaded at https://www.us-cert.gov/ncas/alerts/TA16-250A. It covers each of the items above in greater detail, with recommended actions.