06 Jul Weak Passwords – Risks Continue
One of the sobering facts about this incident is that organizations, even those like the UK Parliament that should have high security, are still vulnerable to password cracking and account takeovers. In most cases, passwords are the key to virtually every type of data in the network. If the passwords are weak the entire enterprise is at risk. The strongest encryption system is meaningless if the password that unlocks it is easily cracked.
Without more details about what happened and why, we can only speculate about the Parliament’s security, or lack thereof. But it would seem that either the Parliament didn’t have strong password policies in place, or they weren’t enforcing them. In either case, it’s a wake-up call for other organizations to check their own authentication policies and make sure that they don’t allow weak passwords, and then make sure that their security controls are actually enforcing those policies.
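The gap the paragraph describes, a policy on paper that no control enforces, is closed by putting the policy in the code path that accepts a new password. The following is an added example (not from the original post, and not any product's code) of such a gate: a small policy object and a check that rejects short passwords, passwords with too few character classes, passwords containing the username, and passwords that reduce to a common or breached value. The denylist and the policy thresholds are constructed for illustration; a real deployment would load a breach-derived list and take the thresholds from its own standard.

```python
"""Password-policy enforcement at password-change time (added example)."""
import re
from dataclasses import dataclass, field
from typing import List, Optional, Set

# Constructed denylist for the example. In practice this would be a large
# breach-derived list loaded from disk, not a handful of literals.
COMMON_PASSWORDS = {
    "password", "password1", "123456", "qwerty", "letmein",
    "welcome1", "summer2017", "changeme",
}


@dataclass
class PasswordPolicy:
    """The written policy, expressed as data the enforcement code reads."""
    min_length: int = 12
    min_char_classes: int = 3          # of lower / upper / digit / symbol
    denylist: Set[str] = field(default_factory=lambda: set(COMMON_PASSWORDS))


_CHAR_CLASSES = {
    "lower": re.compile(r"[a-z]"),
    "upper": re.compile(r"[A-Z]"),
    "digit": re.compile(r"[0-9]"),
    "symbol": re.compile(r"[^A-Za-z0-9]"),
}


def _denylist_forms(password: str) -> Set[str]:
    """Variants looked up in the denylist, so that 'Password1!' is caught by 'password'."""
    lowered = password.lower()
    return {
        lowered,
        re.sub(r"[^a-z0-9]", "", lowered),   # symbols stripped
        re.sub(r"[^a-z]+$", "", lowered),    # trailing digits/symbols stripped
    }


def check_password(password: str, username: str,
                   policy: Optional[PasswordPolicy] = None) -> List[str]:
    """Return the list of policy violations; an empty list means the password is acceptable."""
    policy = policy or PasswordPolicy()
    violations: List[str] = []

    if len(password) < policy.min_length:
        violations.append(f"shorter than {policy.min_length} characters")

    classes = sum(1 for rx in _CHAR_CLASSES.values() if rx.search(password))
    if classes < policy.min_char_classes:
        violations.append(
            f"uses {classes} character classes, policy requires {policy.min_char_classes}")

    if username and username.lower() in password.lower():
        violations.append("contains the username")

    if _denylist_forms(password) & policy.denylist:
        violations.append("matches a common or breached password")

    return violations


def accept_password_change(username: str, new_password: str,
                           policy: Optional[PasswordPolicy] = None) -> bool:
    """The enforcement point: the only place a password is allowed to be set."""
    return not check_password(new_password, username, policy)


if __name__ == "__main__":
    for user, pw in [("jsmith", "Password1!"), ("jsmith", "jsmith-Summer2017"),
                     ("jsmith", "correct-horse-battery-Staple7")]:
        print(user, repr(pw), check_password(pw, user) or "OK")
```

The point of routing every change through `accept_password_change` is that the policy cannot be bypassed by a client that simply skips a front-end check; the same function is what an audit would exercise to confirm the control is live.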
Of equal importance, all organizations need to realize that humans will make mistakes and that things will go wrong—even within entities like the Parliament where security should be a given. To guard against the inevitable, everyone needs to continuously monitor how their user accounts are being used, and be able to detect, not if, but when, intruders get hold of passwords or other logon credentials.
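Monitoring account use for the moment a credential is misused comes down to a few detections over the authentication log. The following is an added example (not from the original post, and not tied to any particular product or to what happened at the Parliament) run over constructed log lines in a made-up `ts src= user= result=` format: it flags a source that fails against many distinct accounts (the shape of a password spray, which is what weak passwords invite), the account that then succeeds from that source, and any successful login from a source the account has never used before. The thresholds, the baseline of known sources per user, and the sample lines are all assumptions for the example.

```python
"""Credential-misuse detections over authentication log lines (added example)."""
import re
from collections import defaultdict
from typing import Dict, List, Set, Tuple

# Constructed sample log; addresses are documentation ranges, users are invented.
SAMPLE_LOG = """\
2017-06-24T02:00:01Z src=198.51.100.7 user=alice result=OK
2017-06-24T02:10:11Z src=198.51.100.7 user=bob result=OK
2017-06-24T03:12:01Z src=203.0.113.5 user=alice result=FAIL
2017-06-24T03:12:02Z src=203.0.113.5 user=bob result=FAIL
2017-06-24T03:12:03Z src=203.0.113.5 user=carol result=FAIL
2017-06-24T03:12:04Z src=203.0.113.5 user=dave result=FAIL
2017-06-24T03:12:05Z src=203.0.113.5 user=erin result=FAIL
2017-06-24T03:12:06Z src=203.0.113.5 user=frank result=FAIL
2017-06-24T03:12:07Z src=203.0.113.5 user=bob result=OK
2017-06-24T04:00:00Z src=198.51.100.7 user=carol result=OK
"""

# Assumed baseline of sources each account normally logs in from.
BASELINE: Dict[str, Set[str]] = {
    "alice": {"198.51.100.7"},
    "bob": {"198.51.100.7"},
    "carol": {"198.51.100.7"},
}

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) user=(?P<user>\S+) result=(?P<result>OK|FAIL)$")


def parse(log_text: str) -> List[Dict[str, str]]:
    """Parse the constructed log format; malformed lines are skipped, not guessed at."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append(m.groupdict())
    return events


def detect_password_spray(events, min_users: int = 5) -> Dict[str, List[str]]:
    """A single source failing against many distinct accounts is the signature of a spray."""
    failed_users: Dict[str, Set[str]] = defaultdict(set)
    for e in events:
        if e["result"] == "FAIL":
            failed_users[e["src"]].add(e["user"])
    return {src: sorted(users) for src, users in failed_users.items()
            if len(users) >= min_users}


def detect_success_after_spray(events, spray_sources) -> List[Tuple[str, str]]:
    """Successful logins from a spraying source identify the account whose password fell."""
    return sorted({(e["src"], e["user"]) for e in events
                   if e["result"] == "OK" and e["src"] in spray_sources})


def detect_new_source_logins(events, baseline) -> List[Tuple[str, str, str]]:
    """Successful logins from a source the account has never used before."""
    seen = {user: set(srcs) for user, srcs in baseline.items()}
    alerts = []
    for e in events:
        if e["result"] != "OK":
            continue
        known = seen.setdefault(e["user"], set())
        if e["src"] not in known:
            alerts.append((e["ts"], e["user"], e["src"]))
            known.add(e["src"])   # alert once per new source, not on every login
    return alerts


def run_detections(log_text: str = SAMPLE_LOG, baseline=BASELINE) -> Dict[str, object]:
    events = parse(log_text)
    spray = detect_password_spray(events)
    return {
        "spray_sources": spray,
        "compromised": detect_success_after_spray(events, set(spray)),
        "new_source_logins": detect_new_source_logins(events, baseline),
    }


if __name__ == "__main__":
    for name, result in run_detections().items():
        print(f"{name}: {result}")
```

The three rules overlap on purpose: the spray rule fires before any account falls, the success-after-spray rule names the account to reset, and the new-source rule still catches a single stolen password used without any preceding failures.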
No one is immune to the need for ongoing diligence: double-check your policies and security controls to confirm that they are working correctly.
[i] “UK Parliamentary Email Compromised After ‘Sustained and Determined Cyber Attack’”, The Register, Jun 26, 2017