
NCSC Warns Against Bring-Your-Own-Device, Urges Session Cookie Management


By Netvora Tech News


The National Cyber Security Centre (NCSC) is advising organizations to ban Bring-Your-Own-Device (BYOD) policies and to implement robust session cookie management. These measures can significantly enhance the digital resilience of organizations.

The warning comes in the wake of a publication by the AIVD and MIVD on a group called "Laundry Bear", which is believed to be responsible for attacks on law enforcement agencies and other organizations. The group uses common attack techniques, including password spraying, session cookie theft, and Living-off-the-Land (LotL) tactics.

According to the NCSC, organizations should take six key measures to bolster their defenses. Firstly, they should prohibit BYOD and ensure that all devices accessing their IT environment are managed by the organization. This includes implementing Endpoint Detection and Response (EDR) to detect and respond to suspicious behavior.

Secondly, the NCSC urges organizations to manage session cookies. Session cookies, which indicate whether a user is logged in, should only be accessible from a single IP address. Additionally, security policies should require regular cookie removal from browsers (e.g., daily) and the lifespan of session cookies should be minimized.

Other recommended measures include implementing phishing-resistant multifactor authentication (MFA) and using strong, long passwords. The NCSC suggests facilitating employee use of password managers. Finally, organizations are encouraged to invest in awareness and training programs and to apply the five basic principles of cybersecurity.

  • Prohibit BYOD and manage all devices accessing the IT environment
  • Implement Endpoint Detection and Response (EDR)
  • Manage session cookies
  • Implement phishing-resistant multifactor authentication (MFA)
  • Use strong, long passwords
  • Facilitate employee use of password managers
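
An added example, not part of the original article or the NCSC guidance: a server-side session check that applies the session cookie measures described above, binding each session to the IP address it was issued to and enforcing short lifetimes. The class name, the timeout values and the sample addresses used with it are assumptions.

```python
import hashlib
import secrets
import time

MAX_LIFETIME = 8 * 3600   # assumed absolute session lifetime, in seconds
IDLE_TIMEOUT = 15 * 60    # assumed idle timeout, in seconds


class SessionStore:
    """Server-side sessions bound to the IP address they were issued to."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._sessions = {}  # sha256(token) -> session record

    @staticmethod
    def _key(token):
        # Store only a hash so a leaked session table yields no usable cookies.
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, user, client_ip):
        token = secrets.token_urlsafe(32)
        now = self._clock()
        self._sessions[self._key(token)] = {
            "user": user, "ip": client_ip, "issued": now, "seen": now,
        }
        return token  # set as a cookie with Secure, HttpOnly and SameSite

    def validate(self, token, client_ip):
        """Return (user, reason); user is None when the cookie is rejected."""
        key = self._key(token)
        rec = self._sessions.get(key)
        if rec is None:
            return None, "unknown"
        now = self._clock()
        if now - rec["issued"] > MAX_LIFETIME or now - rec["seen"] > IDLE_TIMEOUT:
            del self._sessions[key]
            return None, "expired"
        if rec["ip"] != client_ip:
            # Same cookie presented from another address: revoke the session
            # and surface the event to monitoring as possible cookie theft.
            del self._sessions[key]
            return None, "ip_mismatch"
        rec["seen"] = now
        return rec["user"], "ok"
```

Behind a reverse proxy, `client_ip` must come from the proxy's trusted forwarding header rather than from a value the client can set.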
