
Hard Lessons In Hardware Vulnerabilities


When you buy hardware, you expect it to work right out of the box. You also expect it to be less exposed than software because of hardwiring.

Unfortunately, that’s not always the case. Those metal boxes contain thousands, if not millions, of lines of vulnerable programming.

Because the role of hardware tends to be so narrow, these flaws rarely hand over the keys to the data kingdom directly. But that doesn’t mean you can afford to ignore problems.

These weaknesses give attackers access to your internal networks if you’re not careful. And from there, they can wreak havoc.

Since updating your hardware often lies outside of patching contracts and normal IT processes, you need to manually track and address these devices.

If any of the following apply to you or your business, make sure to address them as quickly as possible.

Holes in the Security Perimeter

The perimeter of your cybersecurity provides the first line of IT security.

Firewalls, virtual private networks (VPNs), and wireless routers all play their part.

When problems with these devices occur, it’s important to fix them as soon as possible.

One such case is SonicWall. They’ve just released patches for multiple remote code execution flaws in their SMA 100 VPN appliances, to prevent authentication bypasses.

While there’s no known active abuse of the problem, 500,000 workplaces with these devices were already attacked in 2021. If you use any of these devices, make sure to update them immediately. 

Furthermore, over 2 million small office/home office (SOHO) MikroTik routers are vulnerable to remote code execution attacks. These devices were behind the botnet attack on Russia’s equivalent to Google, known as “Yandex.”

However, since many SOHO users don’t focus on cybersecurity as a top priority, many of these devices remain open to attack.

Researchers also found 226 potential vulnerabilities in low-end wireless routers made by Asus, AVM, D-Link, Netgear, Edimax, TP-Link, Synology, and Linksys. These ranged from hardcoded credentials to leaked encryption keys.

Even though consumer and SOHO grade routers often sit in personal homes, outside of normal corporate responsibilities, you can’t ignore the problems they face. If members of your team work remotely, these can open backdoors into your company security.

However, replacing such hardware also puts your company in a tricky liability situation – you don’t want to be involved in the internet habits of an employee and their family during off hours.

So, what can you do?

The best solution might be to offer a router for your employee’s home network, and supply a laptop to be used exclusively for work. 

However, offering hardware like this can be expensive, so you might need to consider alternative approaches, like strong cybersecurity monitoring. 

Flaws Behind the Firewall

Although your first priority is to address issues in your security perimeter, you can’t ignore the issues within. 

For instance, if an attacker gains any sort of entrance through an employee or phishing attack, then firewalls don’t even matter.

Recently, researchers found vulnerabilities in 150 multi-function Hewlett Packard printers. These include some that grant device access and even propagate attacks throughout a network.

Though HP released firmware updates, they’re technically challenging, and might need the help of advanced IT staff.

Further, QNAP warns of targeted cryptomining attacks on its network-attached storage (NAS) devices for the third time this year. Customers are urged to upgrade their NAS software, strengthen passwords, restart devices, and isolate devices from the internet.

And finally, the Moobot botnet is spreading quickly across unpatched Hikvision IP Network Video Recorder (NVR) security cameras. While botnets don’t usually target companies infected by the malware, the resulting liability from participating in attacks on other organizations can be significant.

Hardware Vulnerability Takeaways

Updating hardware takes time and money, but these vulnerabilities need to be addressed.

One option may be to mitigate these vulnerabilities instead of patching them. 

Devices can be segregated to their own virtual local area networks (VLANs) with an accompanying firewall, outbound connections from devices can be limited to specific IP addresses, or communication with these devices could be managed by a dedicated server.
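To check that such isolation is actually enforced, the added example below (not part of the original article) audits firewall connection records against the three controls just described: a device VLAN, an outbound allowlist, and a dedicated management server. The subnets, addresses, ports, and sample flows are constructed assumptions, and each record is assumed to list the initiating side as the source.

```python
import ipaddress

# Constructed addressing plan (assumptions, not from the article).
DEVICE_VLAN = ipaddress.ip_network("10.50.0.0/24")   # printers, NAS, NVRs
MGMT_SERVER = ipaddress.ip_address("10.10.0.5")      # dedicated management server
ALLOWED_OUTBOUND = {                                 # (destination, port) devices may open
    (ipaddress.ip_address("192.0.2.10"), 443),       # placeholder firmware-update host
    (MGMT_SERVER, 514),                              # syslog to the management server
}

def check_flow(src, dst, dport):
    """Classify one connection-start record; src is the initiating side."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    src_dev, dst_dev = src_ip in DEVICE_VLAN, dst_ip in DEVICE_VLAN
    if src_dev and dst_dev:
        return "allow"  # stays inside the VLAN, never crosses the firewall
    if src_dev:
        if (dst_ip, dport) in ALLOWED_OUTBOUND:
            return "allow"
        return "device-outbound-not-allowlisted"
    if dst_dev:
        return "allow" if src_ip == MGMT_SERVER else "inbound-not-from-mgmt-server"
    return "allow"  # flow does not touch the device VLAN

def audit(flows):
    """Return (flow, reason) for every flow that violates the policy."""
    findings = []
    for flow in flows:
        verdict = check_flow(*flow)
        if verdict != "allow":
            findings.append((flow, verdict))
    return findings

# Constructed sample flow records: (source, destination, destination port).
SAMPLE_FLOWS = [
    ("10.50.0.21", "192.0.2.10", 443),    # device fetching firmware
    ("10.50.0.21", "203.0.113.77", 23),   # device opening telnet to the internet
    ("10.10.0.5", "10.50.0.30", 443),     # management server reaching a device
    ("10.20.0.14", "10.50.0.30", 9100),   # workstation reaching a device directly
    ("10.50.0.30", "10.10.0.5", 514),     # device sending syslog
    ("10.20.0.14", "10.20.0.15", 445),    # unrelated traffic
]

if __name__ == "__main__":
    for flow, reason in audit(SAMPLE_FLOWS):
        print(flow, reason)
```

Any finding means either the firewall rule set is looser than the intended policy or a device is attempting traffic it should never generate; both are worth investigating.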

Of course, this process is also technically challenging and time-consuming.

Fortunately, outsourcing provides a cost-effective and efficient option for patching specific devices, isolating unpatched hardware, or for cybersecurity monitoring.

Contact Ideal Integrations at 412-349-6680 or fill out the form below for a free consultation on various ways our experts can help locate and address vulnerable hardware on the network.
