Misconfigurations let cyberthreats lurk in the system
Misconfigurations in software subsystems or components are yet another human factor that exposes organisations to cyberthreats. These errors can happen at any level of the application stack, including web or application servers, databases, network services, custom code, development platforms and frameworks, virtual machines, cloud containers, and storage. Most misconfigurations occur because system administrators fail to change the default or “out-of-the-box” configurations of applications or devices. Misconfigurations also happen through negligence or oversight.
Examples of misconfigurations that can lead to cyberattacks include running outdated software or unnecessary features and services, inadequate access controls (including remote access controls), not keeping up with patches, and faulty hardware maintenance. Cyberattacks that stem from cloud misconfigurations of Amazon CloudFormation, CloudTrail, and S3 are also common.
Similarly, misconfigurations can occur in Azure services such as storage accounts, virtual machines, and network security groups. Failing to remove unused or conflicting firewall rules for IRC TCP, TFTP UDP, and RDP/TCP 3389 ports can also lead to misconfiguration-based attacks.
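
One way to check an exported rule set for the unused or conflicting rules described above, as an added example that is not part of the original article. The rule format, the sample rules, first-match-wins ordering by rule id, and IRC on TCP 6667 are assumptions.

```python
from collections import defaultdict

# Ports named in the text. TFTP/69 and RDP/3389 are the standard assignments;
# IRC on TCP 6667 is an assumption (the article gives no IRC port number).
RISKY = {("tcp", 6667): "IRC", ("udp", 69): "TFTP", ("tcp", 3389): "RDP"}

# Constructed sample rule set in a hypothetical export format (not a vendor schema).
# "hits" is the match counter since the last reset; rules are evaluated in id order.
RULES = [
    {"id": 1, "action": "allow", "proto": "tcp", "port": 3389, "src": "0.0.0.0/0", "hits": 412},
    {"id": 2, "action": "deny", "proto": "tcp", "port": 3389, "src": "0.0.0.0/0", "hits": 0},
    {"id": 3, "action": "allow", "proto": "udp", "port": 69, "src": "10.0.0.0/8", "hits": 0},
    {"id": 4, "action": "allow", "proto": "tcp", "port": 6667, "src": "10.1.2.0/24", "hits": 0},
    {"id": 5, "action": "allow", "proto": "tcp", "port": 443, "src": "0.0.0.0/0", "hits": 9001},
]

def audit(rules):
    """Return sorted (rule_id, finding) tuples for rules on the risky ports."""
    findings = []
    by_match = defaultdict(list)
    for r in rules:
        key = (r["proto"], r["port"])
        if key not in RISKY:
            continue
        svc = RISKY[key]
        by_match[(key, r["src"])].append(r)
        # An allow rule that never matches traffic is a candidate for removal.
        if r["action"] == "allow" and r["hits"] == 0:
            findings.append((r["id"], f"unused allow rule for {svc}"))
        # Inadequate access control: the service is reachable from any address.
        if r["action"] == "allow" and r["src"] == "0.0.0.0/0":
            findings.append((r["id"], f"{svc} open to any source"))
    # Conflict: the same proto/port/source carries both allow and deny.
    # With first-match-wins (assumed), the later rule never takes effect.
    for (key, src), group in by_match.items():
        if {g["action"] for g in group} == {"allow", "deny"}:
            dead = max(group, key=lambda g: g["id"])
            findings.append((dead["id"], f"conflicts with earlier {RISKY[key]} rule for {src}"))
    return sorted(findings)

if __name__ == "__main__":
    for rule_id, finding in audit(RULES):
        print(f"rule {rule_id}: {finding}")
```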