Right now, in front of you as you read this, is a computer that can connect you to the whole wide world. You can read the news; see what your friends and family are doing on a number of social media platforms; make an online purchase with your credit card for those trainers you always wanted; and read your emails, including the one from a long-lost prince who has $1M for you. This computer can connect you to almost everything and everyone, regardless of where they are on this planet or orbiting in our atmosphere.
Now you’ve checked the news, the weather, and the expected delivery of the trainers you just ordered. Time to check some work emails and the status board of the project you are currently working on, not forgetting your morning cup of tea/coffee (delete as applicable for your desired hot beverage). Are you this person?
This has almost become routine for us; it’s our warm-up for the day, like a runner getting ready for a race. Now that we are all warmed up, who has fallen foul of this NCSC anti-pattern? We open the admin console of our cloud services / DevOps platform / Exchange servers / IdP / etc. Worse, we sign in with our email address, the same one we use for all our business correspondence. We use accounts and devices that have access to the whole wide world, and all the threats that come with it, like malware, and we then log in to the admin console of a trusted system from those same devices. This is browsing-up, and it is an anti-pattern.
Just imagine the damage an attacker could do if they got into your trusted systems with admin credentials. It’s never as simple as just changing your password: these guys now own you, they own all the accounts. It can take months and months to remove a hacker, or worse, they can leave with all the data they require without tripping the monitoring alarms, and remove all traces of ever having been in your system. Read this link for more information.