"Security is always going to be a cat and mouse game because there'll be people out there that are hunting for the zero day award, you have people that don't have configuration management, don't have vulnerability management, don't have patch management." - Kevin Mitnick (American Businessman)
Work culture has changed a lot recently. The ability to work from anywhere, at any time, has become comfortable for employees, which in turn has made things easier for hackers too. These days, sites are bombarded with attacks from groups of hackers who later claim responsibility for the incident and make demands. There are a few pain points where hackers start their games.
Let's look into those vulnerable spots one by one.
1. Fake Wireless Access Points
One of the easiest hacks to pull off is a fake WAP (wireless access point). Think of all the times you and your employees have visited a restaurant for an official meeting and connected to the free WiFi network available there. This is where the attack begins: assume you have connected to a WiFi network called "Starbucks" and typed in your credentials for some confidential access on your laptop. Boom, your credentials are exposed, because the WiFi you connected to may not actually be hosted by Starbucks, even though it has the same name. It is a decoy network hosted by hackers, and this is a very simple hacking practice used by a lot of attackers. Attacks like these can be eliminated only when you avoid connecting to free WiFi networks.
2. Exploitation of Network Vulnerabilities
With a lot of software in use in your network, this software always needs to be kept updated to avoid unwanted breaches. Critical and noncritical vulnerabilities, followed by zero-day vulnerabilities, are one major playground for hackers to exploit your network. When patches are missing in your network, you have to be notified of this and apply them so that unnecessary breaches or suspicious intruders can be avoided. Third-party patches have to be applied regularly to keep things on track and keep your organization's network secure.
3. Access to User Passwords
Users in your organization must be warned about their upcoming password expiration, and scheduling regular password changes may reduce the risk of a network breach over time.
4. Waterhole Attacks
This is similar to fake wireless access points, but here the attackers target frequently visited bars or coffee shops where employees of a particular organization often meet, and at times a particular website as well. They create a fake WAP and collect confidential information from the employees. Most of the leading IT organizations, like Microsoft, Apple, and Google, have been victims of this attack. Make sure your employees know about these well-known waterholes, as they are common hacker targets.
5. Unwanted Process and Software Running in Your Network
Hackers usually bundle a few types of malware with EXEs and run them concurrently when Autorun is triggered. This automatically infects your users' systems and later spreads across your network. You can avoid this by blocking unwanted software and other floating EXEs in your network. Restricting the use of USB devices can also be a good practice since, as per industry records, most network breaches happen through the use of USB devices.