Application-layer attacks have been an attack vector for ages. They target computers by triggering a fault in an application or system that lets the attacker bypass the normal access controls. For as long as firewalls have entry points for applications, vulnerabilities in those applications will be exploited, and this kind of attack will continue. Letting applications through firewalls is nevertheless necessary for certain business operations, for example to allow remote users to access email.
Businesses can take the defence-in-depth approach, but as soon as they open a port to the internet they introduce a new risk of attack. Technically, the means of mitigating the risk from application-layer attacks need to be proportionate and may vary. Securing the application layer, however, depends on people and on good security processes and hygiene. Most breaches come from insiders, whether through negligence (poor training, or simply failing to understand why their behaviour affects security) or through malicious activity. There are a variety of things to consider around the users of applications. People are not only part of the threat; they are also the best defence against it:
- Application password hygiene – require users to choose a strong password, and require them to change it every 30 days.
- Put appropriate barriers in place for authentication by users. Use two-factor authentication.
- Keep measures appropriate and usable, so they are user-friendly enough that users do not try to circumvent them.
- Understand information assets – use defence in depth at the application layer.
- Segregate sensitive and non-sensitive assets.
Remember that most breaches come from people, as shown by the Morrisons breach carried out by a disgruntled employee with access to sensitive data, or by Edward Snowden. External threats can't be ignored, of course, but breaches caused by internal weaknesses in people are frequent, and people, supported by technology, are the best defence. It would be impractical for businesses to stop allowing applications through firewalls, so understanding the risk to information assets is imperative.
Visit cyber.qa.com for more information on how QA can help close the cyber security skills gap.