Organizations should be on their toes to harden and secure their network infrastructure as global cyber threats to systems are rising.
The recent alert comes from the National Cybersecurity and Communications Integration Center (NCCIC) as organized hacker groups and cyber threat actors continue to increase their capabilities to target information systems.
Organizations should be extra vigilant and prepared for potential malicious cyber activity ahead of upcoming national holidays, such as Ukraine’s Constitution Day on June 28, 2018.
“Network infrastructure devices are often easy targets for attackers. Many of these devices are not maintained at the same security level as general-purpose desktops and servers, but there are steps users and network administrators can take to better secure their network infrastructure,” NCCIC stated in a security tip and advisory released last Thursday.
NCCIC encourages users and administrators to implement the following safeguards to help thwart cyber threats:
- Segregate networks and functions (by sensitivity).
- Limit unnecessary lateral communications.
- Harden network devices.
- Secure access to infrastructure devices.
- Perform out-of-band network management.
- Validate hardware and software integrity.
Other good recommendations include implementing principles of least privilege and need-to-know when designing network segments.
Some additional good network hardening recommendations from NCCIC include:
- Disable unencrypted remote admin protocols used to manage network infrastructure (e.g., Telnet, File Transfer Protocol [FTP]).
- Disable unnecessary services (e.g., discovery protocols, source routing, Hypertext Transfer Protocol, Simple Network Management Protocol [SNMP], Bootstrap Protocol).
- Use SNMPv3 (or subsequent version), but do not use SNMP community strings.
- Secure access to the console, auxiliary, and virtual terminal lines.
- Implement robust password policies, and use the strongest password encryption available.
- Protect routers and switches by controlling access lists for remote administration.
- Restrict physical access to routers and switches.
- Back up configurations and store them offline. Use the latest version of the network device operating system and keep it updated with all patches.
- Periodically test security configurations against security requirements.
- Protect configuration files with encryption or access controls when sending, storing, and backing up files.
- Separate sensitive information and security requirements into network segments.
See more technical details in the NCCIC Security Tip (ST18-001) “Securing Network Infrastructure Devices.”