|NMLEA Cybersecurity STAR Partners Continue to Shine!
Zero Trust continues to emerge as the top priority for cyber risk management… and NMLEA STAR Partner NetFoundry is in the lead. In a recent report published by Gartner, NetFoundry was named as a “Cool Vendor in Enhanced Internet Services and Cloud Connectivity.” (you can download the report by clicking here.
And in a NextGov article The Defense Department's anticipated guidelines should inspire more organizations to follow such a model, moving zero trust from a buzzword to reality, on September 16, 2020 (https://www.nextgov.com/ideas/2020/09/path-toward-holistic-zero-trust-architecture/168472/), this point was made to support why this is important: “As the proliferation of cyberattacks increases exponentially, up 273% in Q1 2020 compared to Q1 2019, and traditional cybersecurity approaches continue to fail, it is more critical than ever that organizations of all sizes implement a zero trust-based cybersecurity strategy. Today, only about 15% of organizations follow a true zero trust strategy.”
And our other Cybersecurity STAR Partner, RiskSense, continues to earn national recognition as the leading innovator in cyber threat management. In September, the Dutch security firm Secura (https://www.secura.com) published a novel attack on the Netlogon Remote Protocol RPC interface used by Microsoft Active Directory Domain Controllers for password database synchronization. This attack leverages a design weakness in the Netlogon Remote Protocol login process that allows an attacker to log in and perform critical operations using a password consisting entirely of zeros. This attack is highly successful — on average, 1 in 256 login attempts!
So, in an effort to help the security community, RiskSense developed the first publicly available exploit and implemented the attack as reported in the Secura whitepaper (https://www.secura.com/blog/zero-logon). Further, RiskSense created a modified version of the Secura scanner that performs the complete attack chain including reversing the attack to restore the original domain controller machine password. The sample exploit code can be found at https://github.com/risksense/zerologon/. For RiskSense platform clients, a filter in the platform has been created to alert users if they have the potential that will allow an attacker to gain access to Windows Domain Controllers.
To learn more about our STAR Program (Service Tested — Academy Recognized), you can go to website and click on the “Services” tab (https://www.nmlea.org/services), and to learn more about our STAR cybersecurity partners, you can go the same tab.
To become part of our Maritime Cybersecurity Pilot, where we place these tools in key port locations around the country at no cost, contact our team at Cyber@nmlea.org.
7701 Las Colinas Blvd., Ste. 800, Irving, TX 75063