“Attackers don’t have to know you’re utilizing it. They simply need to poke the system to search out out. Essentially, organizations maintain legacy protocols lively not as a result of they wish to, however as a result of they concern breaking a mission-critical legacy app,” mentioned Finn.
Regardless of Microsoft recommending that organizations improve to NTLMv2 and Kerberos for greater than 20 years, it seems not everybody obtained the memo. “In crypto phrases, NTLMv1 isn’t simply outdated, it’s archaeological,” mentioned Rob Anderson, head of reactive consulting providers at Reliance Cyber. “NTLMv1 continues to be enabled, not as a result of it’s wanted immediately, however as a result of it was wanted as soon as, and no one is sort of courageous sufficient to show it off and see what breaks.”
Regardless of these fears, organizations have to take motion. “Scan for its use, discover out why it’s in use, register it as a excessive danger and get to work eradicating it, with achievable deadlines,” he suggested.
