UPDATE ON SITUATIONAL ALERT

Published on 08-Aug-2023 15:18:00



Recommendations

1. Implement 24/7 strict network and user activity monitoring, especially during non-office hours, to promptly detect any signs of data exfiltration.

2. Minimize the attack surface by applying appropriate access controls based on a need-to-know basis.

3. Utilize the identified Indicators of Compromise (IOCs) to update network security tools and firewalls, effectively blocking communication with malicious IPs.

4. Ensure high availability and resilience by deploying load balancer solutions to distribute traffic evenly and prevent server overload during potential attacks.

5. Enhance the security posture with a Web Application Firewall (WAF) that analyzes incoming traffic, filtering out malicious requests and patterns associated with DDoS attacks.

6. Prioritize input validation and sanitization to mitigate the risk of malicious code injection, such as SQL injection and Cross-Site Scripting, which could lead to web defacement.

7. Conduct thorough security assessments to check for missing security headers and implement recommended practices to prevent threat actors from exploiting vulnerabilities, as outlined by resources like OWASP Secure Headers guidelines.

8. Maintain regular backups of website content and databases to enable swift restoration in the event of defacement or other incidents.

9. Strengthen data protection by enforcing HTTPS with SSL/TLS encryption on the website, safeguarding data during transmission and preventing tampering by attackers.

10. Stay vigilant about security updates and patches for web server software, content management systems (CMS), plugins, and other components to mitigate known vulnerabilities.

11. Adhere to the latest OWASP guidelines and best practices while configuring and hardening web applications to fortify defenses against potential cyber threats.
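Recommendation 7 asks for a check of missing security headers against the OWASP Secure Headers guidance. The script below is an added example, not part of the original alert: it audits a dictionary of HTTP response headers (constructed sample values, not captured from any real site) and reports headers that are missing, set to a weak value, or disclose server software. The minimum values it accepts are an assumed baseline taken from the OWASP Secure Headers Project recommendations.

```python
"""Audit HTTP response headers against a baseline drawn from the OWASP Secure Headers Project."""
from typing import Callable, Dict, List


def _hsts_ok(value: str) -> bool:
    """HSTS is only useful with a long max-age; one year (31536000 s) is the common minimum."""
    directives = [d.strip().lower() for d in value.split(";")]
    max_age = next((d for d in directives if d.startswith("max-age=")), None)
    if max_age is None:
        return False
    try:
        return int(max_age.split("=", 1)[1]) >= 31536000
    except ValueError:
        return False


# Header name -> predicate the value must satisfy (assumed baseline, see lead-in).
CHECKS: Dict[str, Callable[[str], bool]] = {
    "Strict-Transport-Security": _hsts_ok,
    # A CSP that allows inline scripts or eval gives little protection against XSS.
    "Content-Security-Policy": lambda v: "unsafe-inline" not in v.lower() and "unsafe-eval" not in v.lower(),
    "X-Content-Type-Options": lambda v: v.strip().lower() == "nosniff",
    "X-Frame-Options": lambda v: v.strip().upper() in ("DENY", "SAMEORIGIN"),
    "Referrer-Policy": lambda v: v.strip().lower()
    in ("no-referrer", "same-origin", "strict-origin", "strict-origin-when-cross-origin"),
}
# Headers that reveal software versions and should be removed or neutralised.
DISCLOSING = ("Server", "X-Powered-By")


def audit_headers(headers: Dict[str, str]) -> Dict[str, List[str]]:
    """Return which baseline headers are missing, weak, or leaking software details."""
    lowered = {name.lower(): value for name, value in headers.items()}  # header names are case-insensitive
    report: Dict[str, List[str]] = {"missing": [], "weak": [], "disclosing": []}
    for name, is_ok in CHECKS.items():
        value = lowered.get(name.lower())
        if value is None:
            report["missing"].append(name)
        elif not is_ok(value):
            report["weak"].append(name)
    report["disclosing"] = [name for name in DISCLOSING if name.lower() in lowered]
    return report


# Constructed sample responses: one typical default setup and one hardened setup.
SAMPLE_DEFAULT = {"Server": "nginx", "Strict-Transport-Security": "max-age=300",
                  "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN"}
SAMPLE_HARDENED = {"Strict-Transport-Security": "max-age=31536000; includeSubDomains",
                   "Content-Security-Policy": "default-src 'self'", "X-Content-Type-Options": "nosniff",
                   "X-Frame-Options": "DENY", "Referrer-Policy": "strict-origin-when-cross-origin"}

if __name__ == "__main__":
    print(audit_headers(SAMPLE_DEFAULT))
```

The same function can be fed the headers of a live response (for example from `requests.get(url).headers`) to run the check across an organisation's own sites.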

This report serves as an update to the ‘SITUATIONAL ALERT ON CYBER THREATS’ issued on 4th August. It provides an Indicator of Compromise (IOC) list which organizations may use for their preventive security measures.
