Many of you may have heard the recent news on massive distributed denial of service attacks are being launched from unpatched security cameras connected to the Internet-but that is the just the tip of the iceberg. Hackers are targeting a number of unsecured devices now, which will make vulnerabilities and patch management not only a necessity but an artform.
Most IT departments perform their monthly and even weekly automatic updates. This proactive approach toward identifying, mitigating and patching security vulnerabilities in an organization's network infrastructure-large or small-is vital. And while most of the tools associated with automatic updates are effective in patching mission critical systems like servers or operating systems, there are some devices missed or left untouched because they are considered non-critical. In terms of security, these devices are probably the most vulnerable and fall into a broader category of network-enabled devices, such as multi-functional printers, security cameras, temperature-controlling systems, physical access control systems, etc. These devices are difficult to update and patch automatically and need more manual attention by IT teams. The best way to start with securing these devices is to first identify their individual vulnerabilities-this may involve modifying your vulnerability management system to target them. The next step is to patch and install the firmware updates on the most vulnerable devices, and then include these devices in your future, recurring patch schedules. Some new devices also have optional features like performing firmware auto-updates which should be turned on after thorough testing and evaluation. Finally nothing beats ensuring that these devices are properly configured by disabling unneeded features and disabling vulnerable services or network ports on them.
While many small to medium sized businesses (SMBs) may not feel as though they are the largest targets of these attacks, it is best to remain proactive when dealing with IT security issues. Now, more than ever, the security tools and abilities to remain ahead of the infiltrators is within reach for SMBs. The biggest challenge remains maintaining adequate resources (aka manpower).Security is a constantly evolving field with new vulnerabilities, attack vectors, state-based actors affecting the IT systems, and new programs every day. There are also other technical and process challenges including network and systems architecture, existing security products and vendors, incompatible systems, system downtimes especially in 24/7 operations, etc. Being proactive in securing the most vulnerable devices can help thwart the latest rounds of attacks before they even happen But rest assured your trusted IT departments and colleagues are working diligently to protect you from the next attack!
Sameer Ughade; Director, Information Technology