Skip to content
Tiatra, LLCTiatra, LLC
Tiatra, LLC
Information Technology Solutions for Washington, DC Government Agencies
  • Home
  • About Us
  • Services
    • IT Engineering and Support
    • Software Development
    • Information Assurance and Testing
    • Project and Program Management
  • Clients & Partners
  • Careers
  • News
  • Contact
 
  • Home
  • About Us
  • Services
    • IT Engineering and Support
    • Software Development
    • Information Assurance and Testing
    • Project and Program Management
  • Clients & Partners
  • Careers
  • News
  • Contact

How to minimize remote access cyber security threats in 2024

Remote work began as a temporary measure during the pandemic but has long been a permanent fixture in our new way of working. Organizations have shifted to remote desktop work environments at an increasing speed since then – simultaneously expanding their attack surface and exposing themselves to greater cybersecurity threats. The remote work revolution has pushed companies to rethink their security and data protection practices amidst hybrid work and cloud environments. In turn, threat actors have continued to exploit the vulnerabilities companies exposed themselves to, including those publicly identified, in keeping pace with rapid digital transformation efforts. McKinsey & Company estimates that the annual increase of costs related to cybercrime will reach $10.5 trillion by 2025, as cyber risk management has not kept up with digital transformation posing serious risks to organizations’ security and revenue.

As a result, companies find it increasingly difficult to manage their attack surface at the speed and scale necessary to prevent attacks. Here are the top attack surface exposures and trends from the past year, and ways institutions can remediate these threats before they transform into critical issues.

Top attack surface exposures

Palo Alto Networks’ 2023 Unit 42 Attack Surface Threat Management report found that the top attack surface exposures exist via two methods: actions directly taken on a compromised device (such as exfiltrating sensitive files stored locally on the device) or leveraging unauthorized access on a compromised attack surface asset (such as compromising VPNs) to gain further access within an organization. Both methods affect hybrid work environments and exist in various forms. However, the cloud is one increasingly popular attack surface cybercriminals have homed in on. Cloud is the dominant attack surface through which these critical exposures are accessed, due to its operational efficiency and pervasiveness across industries. The key types of exposures, in order of prevalence, include web framework takeover, remote access services, IT and networking infrastructure, file sharing, and database exposures and vulnerabilities.

Web framework takeover and remote access service exposures accounted for over 40% of exposure types. Such services are heavily utilized in hybrid work environments and are fundamental to smooth business operations. Over 85% of organizations analyzed have RDPs accessible via the internet for at least 25% of a given month, leaving them open to ransomware attacks. Given that threat actors exploit critical vulnerabilities within mere hours of publication, this poses a serious security risk for companies.

The attack landscape has evolved to target critical infrastructure. These targets are more appealing to threat actors because they haven’t been regularly maintained in the past. Some of the most at-risk industries include several critical infrastructure sectors such as:

  • Healthcare
  • Utilities and energy
  • Manufacturing
  • Education
  • State/national governments 

The growing trend of targeting critical infrastructure is concerning, as we’ve seen attacks like SolarWinds have devastating impacts.

Interestingly enough, high-tech companies were also among the top organizations targeted by threat actors. These companies heavily rely on remote access services, which can be a significant attack vector due to insecure servers, inadequate security protocols, cloud misconfigurations, exposure of security infrastructure (such as routers and firewalls), and more. Organizations across all industries can benefit from secure practices to limit their remote access exposures.

Key recommendations

Today’s threat actors are adept at exploiting organizational vulnerabilities to gain access to remote environments. In addition to implementing the below suggestions, I suggest monitoring for emerging threats through comprehensive efforts that will set up a strong baseline for your company, such as a service retainer for threat landscape briefings or an audit of your organization’s attack surface for risk.

Here are key recommendations and best practices organizations should consider strengthening their security posture and actively manage their attack surfaces.

  1. Change your vulnerability mindset to identify legacy vulnerability management systems. This will assist your organization in resolving issues before they become mission-critical.
  2. Implement strong authentication methods for key internet-facing systems, such as multi-factor authentication. This way, organizations can secure remote access services and monitor for signs of unauthorized access attempts.
  3. Ensuring continuous visibility into on-premises and cloud assets is a must for security. By maintaining a real-time understanding of all company assets that are accessible online, you set your teams up for success in premeditating attacks.
  4. Attack premeditation is another vital way to secure your systems. Focus on addressing the most critical vulnerabilities across severity and likelihood through the Common Vulnerability Scoring System and Exploit Prediction Scoring System scores, respectively.
  5. Address cloud misconfigurations head-on. Regularly review and update your organization’s cloud configurations to align with industry best practices; have your security and DevOps teams work together to drive secure deployments. While remote access services are crucial for hybrid work environments, their faulty configurations pose significant risks to company security.
  6. Respond to threats quickly. It is of chief importance that your security team respond instantly. Install protocols and mechanisms to help your team quickly leverage attack surface management tools to prioritize patches and remediate common exposures.

Understanding the threats you face, and what you need to protect your organization against them, is critical for a successful cybersecurity program. As research shows, companies and government agencies struggle to understand which assets expose them to the most risk. By implementing these key recommendations, organizations can take a more proactive and holistic approach to maintaining control over their infrastructure and evolving with the changing nature of their attack surface.

To learn more, visit us here.

About the Author:

Matt Kraning is the Chief Technology Officer of Cortex at Palo Alto Networks and was previously Chief Technology Officer and Cofounder of Expanse, which was acquired by Palo Alto Networks. Matt is an expert in large-scale optimization, distributed sensing, and machine learning algorithms run on massively parallel systems. Prior to co-founding Expanse, Matt worked for DARPA, including a deployment to Afghanistan. Matt holds Bachelor’s, Master’s, and PhD degrees from Stanford University.

Security
Read More from This Article: How to minimize remote access cyber security threats in 2024
Source: News

Category: NewsJanuary 22, 2024
Tags: art

Post navigation

PreviousPrevious post:2024年にITリーダーとして成長する15の方法NextNext post:Discovery : A key requirement for enabling AIOps

Related posts

휴먼컨설팅그룹, HR 솔루션 ‘휴넬’ 업그레이드 발표
May 9, 2025
Epicor expands AI offerings, launches new green initiative
May 9, 2025
MS도 합류··· 구글의 A2A 프로토콜, AI 에이전트 분야의 공용어 될까?
May 9, 2025
오픈AI, 아시아 4국에 데이터 레지던시 도입··· 한국 기업 데이터는 한국 서버에 저장
May 9, 2025
SAS supercharges Viya platform with AI agents, copilots, and synthetic data tools
May 8, 2025
IBM aims to set industry standard for enterprise AI with ITBench SaaS launch
May 8, 2025
Recent Posts
  • 휴먼컨설팅그룹, HR 솔루션 ‘휴넬’ 업그레이드 발표
  • Epicor expands AI offerings, launches new green initiative
  • MS도 합류··· 구글의 A2A 프로토콜, AI 에이전트 분야의 공용어 될까?
  • 오픈AI, 아시아 4국에 데이터 레지던시 도입··· 한국 기업 데이터는 한국 서버에 저장
  • SAS supercharges Viya platform with AI agents, copilots, and synthetic data tools
Recent Comments
    Archives
    • May 2025
    • April 2025
    • March 2025
    • February 2025
    • January 2025
    • December 2024
    • November 2024
    • October 2024
    • September 2024
    • August 2024
    • July 2024
    • June 2024
    • May 2024
    • April 2024
    • March 2024
    • February 2024
    • January 2024
    • December 2023
    • November 2023
    • October 2023
    • September 2023
    • August 2023
    • July 2023
    • June 2023
    • May 2023
    • April 2023
    • March 2023
    • February 2023
    • January 2023
    • December 2022
    • November 2022
    • October 2022
    • September 2022
    • August 2022
    • July 2022
    • June 2022
    • May 2022
    • April 2022
    • March 2022
    • February 2022
    • January 2022
    • December 2021
    • November 2021
    • October 2021
    • September 2021
    • August 2021
    • July 2021
    • June 2021
    • May 2021
    • April 2021
    • March 2021
    • February 2021
    • January 2021
    • December 2020
    • November 2020
    • October 2020
    • September 2020
    • August 2020
    • July 2020
    • June 2020
    • May 2020
    • April 2020
    • January 2020
    • December 2019
    • November 2019
    • October 2019
    • September 2019
    • August 2019
    • July 2019
    • June 2019
    • May 2019
    • April 2019
    • March 2019
    • February 2019
    • January 2019
    • December 2018
    • November 2018
    • October 2018
    • September 2018
    • August 2018
    • July 2018
    • June 2018
    • May 2018
    • April 2018
    • March 2018
    • February 2018
    • January 2018
    • December 2017
    • November 2017
    • October 2017
    • September 2017
    • August 2017
    • July 2017
    • June 2017
    • May 2017
    • April 2017
    • March 2017
    • February 2017
    • January 2017
    Categories
    • News
    Meta
    • Log in
    • Entries feed
    • Comments feed
    • WordPress.org
    Tiatra LLC.

    Tiatra, LLC, based in the Washington, DC metropolitan area, proudly serves federal government agencies, organizations that work with the government and other commercial businesses and organizations. Tiatra specializes in a broad range of information technology (IT) development and management services incorporating solid engineering, attention to client needs, and meeting or exceeding any security parameters required. Our small yet innovative company is structured with a full complement of the necessary technical experts, working with hands-on management, to provide a high level of service and competitive pricing for your systems and engineering requirements.

    Find us on:

    FacebookTwitterLinkedin

    Submitclear

    Tiatra, LLC
    Copyright 2016. All rights reserved.