Photo by Dane Deaner on Unsplash
Reducing the Windows 10 attack surface
Digging In
Microsoft has been providing tools to administrators to prevent attacks against Windows systems for several years now. The Attack Surface Analyzer introduced in Windows Vista was replaced by Attack Surface Reduction in Windows 10. In this article, we highlight the available protection mechanisms and show you how to use them effectively.
An attacker's goal is to exploit application and computer vulnerabilities (especially their operating systems) alike. In the process, not only servers and workstations attract the attention of attackers, but network devices such as routers, switches, and access points have become targets, especially in recent years. Security researchers are increasingly detecting malware on peripheral devices [1]. If you issue smartphones to your employees with access to the internal network, these devices are also potential gateways for attackers.
Several hundred different attack vectors are known in the literature. Of these, some are well researched and well known to both attackers and system owners, which makes it easy to provide protection against exploits. Brute force attacks on SSH servers, the lack of encryption in communications, and distributed denial of service (DDoS), for example, can be well managed by tools such as Fail2Ban, a public key infrastructure, and load balancing service providers such as Cloudflare. Although CEO fraud has been very successful in recent years, it can often be averted through awareness campaigns. Zero-day exploits targeting unpublished vulnerabilities in hardware or software have virtually no effective countermeasures.
Ransomware, Phishing, and Insiders
Three different attack vectors have been the subject of recent public discussion. Blackmail trojans, or ransomware, often enter organizational networks through forged email or manipulated email attachments. If the recipient
...
Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
US / Canada
UK / Australia
Related content
-
Reducing the Attack Surface in Windows
The sum total of all possible points of attack can be defined as the attack surface, and you need to take every opportunity to minimize it to the extent possible. Windows has built-in rules that minimize the attack surface; they simply need to be enabled. - ZeroDay Vulnerability in MS Word
-
Reducing your attack surface
Windows Defender Application Control protects systems against threats that traditional virus scanners and signature-based mechanisms cannot detect by restricting applications in the user context and reducing the code allowed in the system kernel. -
Fight Windows ransomware with on-board tools
Ransomware defense involves two strategies: identifying attacks and slowing the attackers to mitigate their effects. -
ASM tools and strategies for threat management
The tools used in attack surface management help identify attack surfaces more precisely and respond to changes in risk situations.