CUNA News
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • Credit Union Magazine
    • Buyers' Guide
    • COVID-19
    • Digital Edition
    • Credit Union Hero
    • Credit Union Rock Star
    • Subscribe
    • Advertise
    • Contact
  • Advertise
  • Topics
    • Community Service
    • Compliance
    • Credit Union Hero
    • Credit Union Rock Star
    • Credit Union System
    • Directors
    • Human Resources
    • Leadership
    • Lending
    • Marketing
    • Operations
    • Policy & Issues
    • Sales & Service
    • Technology
  • Awards
    • Nominate Credit Union Hero
    • Nominate Credit Union Rock Star
  • Podcasts
  • Videos
  • Contact

News

Home » Cybersecurity advisory shares updates on improving network monitoring, hardening
Policy & Issues

Cybersecurity advisory shares updates on improving network monitoring, hardening

March 7, 2023
2023_01_Cybersecurity_1200

The Cybersecurity and Infrastructure Security Agency (CISA) published a Cybersecurity Advisory (CSA) detailing tactics, techniques, procedures (TTPs) and key findings from a 2022 assessment to provide proactive steps to reduce the threat from malicious cyber actors.  

CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks, highlights the importance for all organizations to collect and monitor logs for unusual activity as well as continuous testing and exercises to ensure their environment is not vulnerable to compromise, regardless of its cybersecurity maturity level. 

During the assessment, CISA’s red team emulated cyber threat actors to assess the cyber detection and response capabilities of a large critical infrastructure organization with multiple geographically separated sites.   

The CSA includes key findings the team found that contributed to persistent, undetected access across the organization’s sites: 

  • Insufficient host and network monitoring. Some of the higher risk activities conducted by the team that could have been detected include phishing, lateral movement reuse, and anomalous Lightweight Directory Access Protocol (LDAP).  
  • Lack of monitoring on endpoint management systems. Endpoint management systems provide elevated access to thousands of hosts and should be treated as high value assets (HVAs) with additional restrictions and monitoring.  
  • Excessive permissions to standard users. This misconfiguration allowed the team to use the low-level access of a phished user to move laterally to an Unconstrained Delegation host and compromise a domain controller.  

Some of the recommended actions in this CSA that can help all organizations harden their environment and protect against real-world malicious activity by cyber threat actors include: 

  • Establish a security baseline of normal network activity; tune network and host-based appliances to detect anomalous behavior.  
  • Conduct regular assessments to ensure appropriate procedures are created and can be followed by security staff and end users.  
  • Enforce phishing-resistant MFA to the greatest extent possible. 

The CSA provides other recommended actions and mitigations as well as more technical details that organizations should review. 

Credit Union Magazine: Spring 2023

Spring 2023

Credit Union Magazine’s Spring 2023 issue features the 2023 Credit Union Heroes and examines CUNA-League advocacy priorities, board leadership, the impact of financial well-being efforts, fee-related compliance issues, predictions for the year ahead, and more.
Digital Edition •  Subscribe

Trending

  • CUNA Mascot Madness: Voting opens for East Region

  • Mascot Madness: East winner crowned; Midwest voting opens

  • League leaders highlight credit union difference, safety, soundness

Tweets by CUNA_News

Polls

CUNA Mascot Madness: Which West Region mascot is your favorite?

View Results
More

Champion for the Credit Union Movement

Credit Union National Association is the most influential financial services trade association and the only national association that advocates on behalf of all of America's credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.

More CUNA

  • Membership
  • Contact Us
  • Careers

Resources for

  • Credit Union Advocates
  • Leagues
  • Press
  • Providers

Our Affiliates

  • American Association of Credit Union Leagues (AACUL)
  • Credit Union Awareness
  • Credit Union House
  • CUNA Strategic Services
  • National Credit Union Foundation
GET CUNA UPDATES
© 2023 Credit Union National Association | ADA Compliance Notice & Legal
Email Us