A few weeks ago, I posted a blog about "Digital Footprints" and how cybercriminals use them in their attacks. This is a key challenge for almost every organization, yet most don’t have any tools in place to monitor and track their digital footprint, which means their attack surface is growing with no way to monitor how hackers may be targeting them. Hackers perform reconnaissance on their targets before launching an attack to identify the weak points and maximize their chance of success. To protect yourself from new hacker TTPs and attack vectors, you need to view your organization like an attack would.
Here are 5 must-know tips for reducing your company's digital footprint and minimizing your chance of a successful attack.
5 Must-Know Tips for Reducing Your Corporate Digital Footprint
- Employee Education: Employees are a critical component of your cyber security protection, and are often the weakest link in the chain. There's no replacement for employee cyber security education. Training your team on how hackers use digital footprints to figure out credentials will help them understand how to create safer logins. For example, teach them to not use any personally identifiable information or publicly accessible information as their username/password/key to company systems. Additionally, identify key employees with access to the most sensitive systems, and invest even more on educating them to further protect these critical systems.
- Company Policies: If users need to be cautioned and trained, so does the company. Refrain from using any pII for authentication to sensitive systems. Do not use birth dates, SSNs, or security questions that can be easily guessed from a short search on google (the name of your high school, or your mother’s maiden name). It may be harder for employees to use a unique set of credentials just for work, but it makes it exponentially harder for a hacker to guess or social engineer these credentials out of users. If it takes a hacker too long to figure out login credentials, they will likely give up and try a different company. There are plenty of weak targets out there!
- Use Search Engines to Begin Mapping Your Digital Footprint: To know where your weak points are, you need to understand your complete digital footprint and view your organization like a hacker would. Go on google, search for your company brand and assets, and see how a user sees your critical infrastructure and VIP assets. You’ll be surprised at how much information is already out there. With basic search techniques, you can start to map the Internet presence of a company in just a couple of hours.
For individuals, search for data that only you know, and that an attacker will want to discover: Social Security numbers, your full name, your name and current address, your name and your current and former employer. For companies, search for your potential assets, internal Ip addresses, and unique server names. check access to internal pages and servers – all outside the company’s physical network.
- Take Down Non-Related or Outdated Assets: Part of your search engine research process should include marking and taking down any non-related, outdated or outright malicious data, website, repository or article that you find. To do this, contact the hosting parties, request them to remove the content from the site, or alert google for a malicious link to be removed.
- Use a Digital Risk Protection (DRP) Solution: If you really want to get serious about reducing your digital footprint, you need to implement a DRP solution. According to Forrester Research, these solutions "offer rapid event detection and remediation capabilities so companies can fix issues before bad actors exploit them (e.g., sensitive data publicly exposed due to misconfigured Amazon S3 buckets, impersonated social media accounts, or phishing websites) and to limit the effects of successful attacks when they occur." Click here to read more about Forrester's recent New Wave: Digital Risk Protection, Q3 2018 Report.
DRP solutions also enable you to search the Deep and Dark web for any leaked credentials or key company assets that could already be compromised. This will help you proactively protect against unauthorized access by locking down these credentials before they’re used in an attack.
To read more about how to monitor and manage your digital footprint to reduce your attack surface, download our white paper.