“Attackers don’t need to know you’re using it. They simply have to poke the system to find out. Essentially, organizations keep legacy protocols active not because they want to, but because they fear breaking a mission-critical legacy app,” said Finn.
Despite Microsoft recommending that organizations upgrade to NTLMv2 and Kerberos for more than twenty years, it seems not everyone got the memo. “In crypto terms, NTLMv1 isn’t just old, it’s archaeological,” said Rob Anderson, head of reactive consulting providers at Reliance Cyber. “NTLMv1 is still enabled, not because it’s needed at the moment, but because it was needed once, and nobody is quite brave enough to turn it off and see what breaks.”
Despite these fears, organizations must take action. “Scan for its use, find out why it’s in use, register it as a high risk and get to work removing it, with achievable deadlines,” he advised.

