Your firewalls are not enough – forgetting to patch could be your doom
Ask most companies today about their IT security practices for preventing hacking and network intrusions, and they will tell you that they have a firewall and that their IT security department has it under control. That is no longer enough.
Here’s a familiar scenario: your network is flooded with traffic from a Distributed Denial of Service (DDoS) attack, launched by a botnet of compromised computers and devices controlled by a cybercriminal. The attack takes your network, your websites and all your services offline.
In the past, if you managed to mitigate the attack and keep your services online, this was considered a success. Not anymore: cybercriminals and nation state hackers are getting smarter all the time, and the worst cyberattacks are now the ones you don’t notice.
A company’s firewalls can detect huge amounts of traffic flooding the network, because a volumetric threshold is easy to alarm on. But unless you are looking at what the traffic is doing (deep packet inspection, flow analysis) rather than only how much of it there is, most IT departments won’t be alerted to much smaller attacks, sometimes called “Dark DDoS”, in which a low, sub-saturating volume of web traffic is sent to the company’s servers continuously.
Because the volume is so small it never trips those thresholds, and the activity remains undetected. This gives cybercriminals all the time in the world to persistently probe your network, working through a whole catalogue of publicly known vulnerabilities until they find one that you haven’t patched. (A true zero-day has no patch to apply; the far more common case, and the one this article is about, is a known flaw whose fix was available and never installed.)
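To make the difference concrete, here is an added example written for this page (not the association’s code or any product’s detection logic). It runs two detectors over constructed web server log lines: a volumetric requests-per-minute threshold of the kind a firewall alarms on, and a persistence-plus-breadth check that catches a source which stays far below that threshold but keeps coming back for an hour and walks through many different paths that mostly fail. The log format, the three client addresses, the traffic itself and the threshold values are all assumptions for the illustration.

```python
"""Added example: telling a low-and-slow probe apart from a volumetric flood.

A volumetric DDoS trips a simple requests-per-minute threshold. A low-and-slow
prober stays far below that threshold, so detection has to use a different
signal: persistence over a long window plus breadth of what is being touched
(many distinct paths, mostly erroring). Log format, traffic and thresholds are
assumptions for this example, not the page's.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed log format: <src-ip> <ISO timestamp> "<method> <path> HTTP/1.1" <status>
LOG_RE = re.compile(
    r'^(\S+) (\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}) "(?:GET|POST) (\S+) HTTP/1\.1" (\d{3})$'
)

# Thresholds are illustrative assumptions; tune them to your own baseline.
VOLUMETRIC_PER_MINUTE = 1000   # what a typical firewall/WAF alarm keys on
PERSISTENCE_MINUTES = 30       # source seen in at least this many distinct minutes
MIN_DISTINCT_PATHS = 50        # breadth: a scanner walks a catalogue of paths
MIN_ERROR_RATIO = 0.8          # probes for things you don't have mostly return 4xx


def build_sample_log():
    """Constructed sample traffic (not real data): one legitimate client,
    one volumetric flood source and one low-and-slow prober."""
    base = datetime(2024, 1, 1, 12, 0, 0)
    lines = []
    # Legitimate user: 20 requests in 5 minutes to one page, all 200.
    for i in range(20):
        ts = base + timedelta(seconds=15 * i)
        lines.append(f'203.0.113.10 {ts:%Y-%m-%dT%H:%M:%S} "GET /index.html HTTP/1.1" 200')
    # Volumetric flood: 3000 requests inside a single minute from one source.
    for i in range(3000):
        ts = base + timedelta(milliseconds=20 * i)
        lines.append(f'198.51.100.7 {ts:%Y-%m-%dT%H:%M:%S} "GET / HTTP/1.1" 503')
    # Low-and-slow prober: two requests a minute for an hour, each to a
    # different path, all of them 404. Peak rate never exceeds 2/min.
    for i in range(120):
        ts = base + timedelta(seconds=30 * i)
        lines.append(f'192.0.2.99 {ts:%Y-%m-%dT%H:%M:%S} "GET /probe/path{i}.php HTTP/1.1" 404')
    return lines


def parse(lines):
    """Parse log lines into (src, timestamp, path, status); skip malformed lines."""
    events = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        src, ts, path, status = m.groups()
        events.append((src, datetime.fromisoformat(ts), path, int(status)))
    return events


def classify_sources(events):
    """Return {src: verdict}, verdict in {"volumetric", "low-and-slow", "normal"}."""
    per_minute = defaultdict(lambda: defaultdict(int))  # src -> minute bucket -> count
    paths = defaultdict(set)
    total = defaultdict(int)
    errors = defaultdict(int)
    for src, ts, path, status in events:
        bucket = ts.replace(second=0, microsecond=0)
        per_minute[src][bucket] += 1
        paths[src].add(path)
        total[src] += 1
        if status >= 400:
            errors[src] += 1

    verdicts = {}
    for src in total:
        peak = max(per_minute[src].values())    # the only thing a volumetric alarm sees
        active_minutes = len(per_minute[src])   # persistence over the long window
        error_ratio = errors[src] / total[src]
        if peak >= VOLUMETRIC_PER_MINUTE:
            verdicts[src] = "volumetric"
        elif (active_minutes >= PERSISTENCE_MINUTES
              and len(paths[src]) >= MIN_DISTINCT_PATHS
              and error_ratio >= MIN_ERROR_RATIO):
            verdicts[src] = "low-and-slow"
        else:
            verdicts[src] = "normal"
    return verdicts


if __name__ == "__main__":
    for src, verdict in classify_sources(parse(build_sample_log())).items():
        print(f"{src:15} {verdict}")
```

The prober’s peak rate is two requests per minute, so the volumetric rule never fires on it; it is only caught because the hour-long window, the 120 distinct paths and the 100% error ratio are looked at together. In practice those thresholds come from your own baseline, and the persistence window should be long enough (hours or days) to match how patient such an attacker is prepared to be.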
Once the attackers have found their way in, they maintain the backdoor they have created and slowly exfiltrate small amounts of crucial data over time, so that their presence on the network remains undetected. Or, even worse, they might launch a massive DDoS attack against you as a smokescreen.
While your IT department’s attention is diverted to keeping the network and services online, the hackers can quietly reach the parts of the network they need, grab the data they want and disappear without a trace.
Hacking has never been a bigger industry than it is today. Security vulnerabilities and working exploits now change hands for large sums, up to millions of dollars, both on legitimate white hat platforms like HackerOne and on black markets on the Dark Web. Nation state hacking against governments and companies is also at an all-time high.
Ensuring that security vulnerabilities are patched as soon as fixes are made public is a difficult job, and it is often one that companies don’t focus on enough. This is why we need better standards across the whole IT industry.
The threat is real. Anyone can be hacked, and worryingly, cybersecurity is rarely a required part of the curriculum at academic institutions; students have to choose to go into the field after studying software engineering or computer science. Cybersecurity shouldn’t be limited to a few people in the know: IT workers should be well-versed in it as part of their training.
IT workers need to be trained in how to deal with cyberattacks, and better processes need to be implemented to make sure that security flaws are always patched and best practice is followed, so that our clients stay protected in an increasingly dangerous digital landscape.
The Zero Outage Industry standard association is trying to develop a common standard for IT processes, platforms, people and security to safeguard quality and reliability at all levels. Will you join us?
The information contained in this document is contributed and shared as thought leadership in order to evolve the Zero Outage Best Practices. It represents the personal view of the author and not the view of the Zero Outage Industry Standard Association.