This segregation is one of multiple layers of protection in our 'defense in-depth' approach.
Defense-in-depth is a set of basic techniques, including network segmentation, that the US government consistently urges people to implement.
Others include network monitoring, multifactor authentication, and access control lists.
Because of the potential mischief a bad actor with desktop access can wreak, TeamViewer users should up their security game, according to industry groups.
The NCC Group, which originally issued a warning under an amber/limited classification but then changed it to green/public, advised its customers that, while awaiting final confirmation of the extent of compromise, they remove TeamViewer from their systems if possible and closely monitor hosts that had the application installed if not.
The Health Information Sharing and Analysis Center meanwhile issued similar advice to the healthcare sector, adding that organizations should implement two-factor authentication and allowlists/blocklists to control who gets to access systems via TeamViewer.
Stakes are particularly high for remote access application security because of the legitimate access to users' systems such software provides.
In January, Huntress reported that two hacking attempts started with TeamViewer instances, and there is a long history of attackers using remote desktop software to implant malware.
The apparently limited impact of the latest incident shows the value of defense-in-depth techniques to limit the effect of intrusions.
This Cyber News was published on www.darkreading.com. Publication date: Fri, 28 Jun 2024 21:25:07 +0000