What network devices can expose your business to a security threat?
What network devices can expose your business to a security threat? Well, generally speaking, network infrastructure consists of interconnected devices designed to transport the communications needed for data, applications, services, and multimedia: routers, firewalls, scanners, switches, intrusion detection systems and so forth.
It’s true that perimeter devices, such as firewalls and intrusion detection systems, have been the traditional technologies used to secure the network, but as threats change, so must security strategies. Organisations can no longer rely on perimeter devices alone to protect the network from cyber attacks; they must also be able to contain any impact or data loss within the internal network and infrastructure.
In this environment, there has never been a greater need to improve network infrastructure security. Unlike hosts that receive significant administrative security attention and for which security tools such as anti-malware exist, network devices are often working in the background with little oversight—until network connectivity is broken or diminished.
Cyber criminals take advantage of this and often target network devices. Once on the device, they can remain there undetected for long periods, sometimes years!
Even after a device has been cleaned up and control has been regained, a hacker can decide to attack the recently cleaned hosts again. For this reason, you need to ensure that all configuration changes require encryption and multifactor authentication.
Failing to take the proper precautions when configuring new network security devices will introduce more risk into the environment, including exposure to malware such as a new variant of the computer worm known as Mirai. The malware got into the routers via a newly discovered vulnerability in a feature that allows ISPs to remotely upgrade the firmware on the devices. But the new Mirai malware turns that feature off once it infests a device, complicating DT’s cleanup and restoration efforts.
Take appropriate measures to protect your infrastructure by doing the following regularly:
• Change default passwords and account names;
• Disable services and accounts that are no longer needed;
• Make sure system software is patched and up to date with manufacturer specifications;
• Restrict access to the administrative interfaces of management networks; if that's not possible, use ACLs on upstream devices (switches and routers) to restrict where management sessions can originate.
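
One way to check a device configuration against the list above, as an added example that is not part of the original article. It assumes Cisco IOS-style configuration syntax (the article names no vendor); the sample configuration and the lists of default names are constructed for illustration.

```python
import re

# Constructed sample in Cisco IOS-style syntax (assumed; not from a real device).
SAMPLE_CONFIG = """\
username admin password 0 admin
ip http server
snmp-server community public RO
access-list 10 permit 10.0.50.0 0.0.0.255
line vty 0 4
 access-class 10 in
 transport input ssh
line vty 5 15
 transport input telnet ssh
"""

DEFAULT_NAMES = {"admin", "cisco", "root"}      # illustrative, not exhaustive
DEFAULT_COMMUNITIES = {"public", "private"}

def split_blocks(text):
    """Group indented child lines under their top-level parent line."""
    blocks = []
    for line in filter(str.strip, text.splitlines()):
        if line[0].isspace() and blocks:
            blocks[-1][1].append(line.strip())
        else:
            blocks.append((line.strip(), []))
    return blocks

def audit(text):
    """Return findings for default names, open services and open management lines."""
    findings = []
    for parent, children in split_blocks(text):
        m = re.match(r"username (\S+) ", parent)
        if m and m.group(1).lower() in DEFAULT_NAMES:
            findings.append(f"default account name: {m.group(1)}")
        m = re.match(r"snmp-server community (\S+)", parent)
        if m and m.group(1).lower() in DEFAULT_COMMUNITIES:
            findings.append(f"default SNMP community: {m.group(1)}")
        if parent == "ip http server":
            findings.append("HTTP management service enabled")
        if parent.startswith("line vty"):
            if not any(re.fullmatch(r"access-class \S+ in", c) for c in children):
                findings.append(f"{parent}: no inbound ACL on management sessions")
            for c in children:
                if c.startswith("transport input") and {"telnet", "all"} & set(c.split()[2:]):
                    findings.append(f"{parent}: cleartext Telnet allowed")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)))
```

Run against exported configurations on a schedule, a check like this catches management lines that were added later without the ACL that protects the original ones.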