SecurityThing – Why Business Feels Vulnerable To Security Attacks: [02/28/2019]
It’s another It’s a Security Thing Thursday. Craig talked about why businesses feel vulnerable to security attacks and what they can do about it.
Below is a rush transcript of this segment; it might contain errors.
Airing date: 02/28/2019
Why Business Feels Vulnerable To Security Attacks
Craig Peterson 0:00
Hey everybody. Craig Peterson here. This is a little bit of a Security Thing today and it’s all about two thirds of businesses. What are they thinking? You know, I’ve got a new section on my website at http://CraigPeterson.com that is all about security breaches and why they occurred. And I think it’s really important for people to understand what’s really happening out there. So that’s why we’re doing it. My wife and I’ve been putting a lot of work into that. But one of the articles that we have up there right now is from Infosecurity Magazine, and it’s talking about how two in three, that’s two thirds of organizations, say that they are not convinced that they can avoid a breach. Now to me, that’s a very big deal. I just don’t get it. This was a Parliament Institute survey that was done of 600 cyber security leaders and professionals in these organizations. Now these people were people who are responsible for evaluating, selecting or implementing security solutions. And those are the only people who are supposed to take part in the survey. So it should be a pretty legitimate survey when it comes to understanding are these companies really positive about the outlooks or negative about the outlooks?
Now I can tell you that the software we use for our bigger clients is designed to be, really is designed to be 100% safe, and it’s better than 99.9% safe statistically after billions of attempts to hack it. Quite literally billions. It’s never been, never been broken through.
So I know personally that there are ways to make sure that you aren’t broken into. But here we go with these numbers. This is a quote right from the article: “Vulnerability management, particularly those vulnerabilities in unseen or unpatched systems, is an issue for many organizations, with 69% of respondents identifying delayed patching as an issue, 63% admitting they are not able to respond to alerts.”
Now I have seen both of these as real big problems and they may be problems for you too, because delayed patching is a problem in some areas of the business more than it is in other areas of the business. So for instance, if you have a really good next generation firewall like what, again I keep coming back to what we’re using, right, but there’s Cisco, their Firepower firewall family ties in with their switches, ties in with the software on your computers to help make it so that if something does happen, it recognizes it almost instantly.
So what they’re talking about, really, here are zero day attacks. In other words, attacks that have never been seen before, all the way through attacks that maybe have been out there for six months, like Equifax, and they got hacked because they didn’t patch, and that’s a real problem. It’s a real problem, and patching organizations don’t do because it can mess things up. So let’s say that you’re a small organization. And if you’re a small organization, you are probably running a website, but you’re probably not doing it yourself. You probably didn’t write the software for your website from scratch. Most likely you’re using WordPress, or maybe Drupal, which has turned out to be quite the security nightmare.
But let’s say you’re using WordPress. How much patching do you need to do? Nowadays WordPress will patch itself, and there are plugins you can put into WordPress that will not only make sure the core WordPress is up to date, but all of your modules, all of the things that you’ve installed in WordPress, all these plugins, it’ll make sure they’re all up to date as well. And it does it all automatically. So rule one, make sure those are in place. And just this week, it was Monday night, I guess. I don’t know, it was over the weekend. That’s what it was. We started getting alarms from our Firepower systems telling us that we were under attack and they were trying to use some vulnerabilities in some of the common software that’s used on the web. And it was the software that’s typically used by bigger companies. It was some middleware attacks that were underway and it recognized them, it stopped them.
In fact this week no I think you but it’s been a bad week for a tad attacks. We stopped a one of our customers. It’s a fairly small company that is a very small company. But we have this technology in place for them because they are concerned about breaches. And for some reason, over the weekend, when people are usually not there, because part of what we do is monitor when they’re working, what are they doing when they’re working? And what’s abnormal? Well, we saw some abnormal stuff happening. And it was very abnormal stuff because they were sending files to a public file sharing service over on Google.
And so again, automated systems took over and it was stopped almost instantly, which is again a very big deal, a very good deal, a very positive thing. So we’re meeting with them today to talk about what happened, the incident and how it was responded to and who was trying to breach what, you know, how did this happen? How could this happen? And it kind of smells like it was probably an insider who was just doing something that, you know, hopefully not malicious, because many times your insiders will try and steal customer lists or plans or diagrams and other things and share them with someone else. And as part of that sharing, of course, they get a little remuneration, right? They get a few bucks sent their way, so that might have been what happened, and the reason we didn’t meet with them right away is one, the CEO was very busy this week, and two, we stopped it. So what’s with these two thirds of companies that think they can’t stop it? Well, they probably have an antivirus mentality, because antivirus does not work anymore. You need a much more integrated, much larger response mechanism in place and it needs to be completely automated in order to really stop the bad guys nowadays.
But secondly I have to feel for them because you have an additional problem. And that is if you wrote the software for your business. In other words, a company like Equifax has a huge department with programmers and analysts and stuff. So they write their software, they have to maintain it. So let’s say they’re using Apache Struts. And there is an Apache Struts attack, which is what actually happened to us this weekend. Now, in our case, it was stopped. But in many cases, it just won’t be stopped. And it can’t be stopped because they don’t have the right stuff in place. So there’s a Struts 2 attack because they haven’t patched. Well, why didn’t they patch? Because they have to test their whole system. An integrated test, right? And that integrated test has to look at every component, try it all, test it all, so it might take six months to do a patch because you can’t just throw it in place. So an organization like that, where you are writing your own software, I would highly advise you have one of these fully integrated systems like what we have in place for many of our clients now.
So that’s what I wanted to point out. Two thirds of businesses think that they just can’t avoid a breach. In fact, you can avoid a breach, it doesn’t matter the size of the organization. And if your people are telling you, you can’t avoid a breach, they are wrong. Okay, they either don’t know what they’re talking about. Or they’re being way, way, way, way too honest. Because there’s always a chance that there is a breach or potential breach. But based on the responses from these guys where they’re saying that the obstacles are really the mitigation and patching mitigation. You can take care of patching, you can kind of take care of but you can mitigate all of these risks by using the right kinds of systems. So anyways, that’s a little bit of a security thing for today.
I’m a little disappointed to see this come out. I’m glad Kacy Zurkus wrote this article. You’ll find her on Twitter as well as LinkedIn, and the article’s up on my website at http://CraigPeterson.com. You’ll also find it over at Infosecurity Magazine. Take care. We’ll talk to you a little bit later.