Small businesses often talk to IT vendors strictly in terms of computers.
Certainly, network design for the personal computers and servers is a critical baseline, but often it fails to capture the reality of the modern office.
Voice over IP telecom systems, smart phones, voice-activated devices such as the Amazon Alexa, and many other devices are connecting to networks – often without any “heads up” to the IT folk who must secure the network.
This can lead to unexpected back doors and vulnerabilities.
Security researchers found a critical remote code execution vulnerability in popular models of enterprise VoIP desk phones.
As covered by CSO Senior Writer Lucian Constantin, McAfee researchers publicized the vulnerability in the Avaya 9600 Series IP Deskphones at Defcon 2019. Avaya has confirmed the vulnerability, noted that it affects other Avaya phones, and has made a patch available since the end of June.
The vulnerability centers around the DHCP service that the phones use to obtain IP addresses on the network. Attackers can send maliciously modified DHCP responses to the phone, cause a buffer overflow, and gain the ability to execute code with root privileges on the device.
This allows attackers to spoof calls, change messages, exfiltrate audio calls, or even turn on the internal microphone to eavesdrop on conversations.
More Network Exploits Exist
As if having your phone transmit your corporate conversation to a hacker isn’t bad enough, keep in mind this is just one possible exploit.
Josh Fruhlinger of CSO magazine reminded us that in October 2016, the Mirai Botnet used hacked baby monitors to execute a DDoS attack. Once someone has access to a device on your network, only your vigilance and preparation can prevent a host of escalations.
While we are not often that informed about the unsecured TV that marketing plugged into the conference room, or the ‘smart’ coffee mug that your warehouse manager received for his birthday, these devices open windows of opportunity on networks.
However, despite the novel nature of these particular windows, the process for securing the network remains the same as in the boring old days when we only had PCs:
–Monitor devices: Know what devices are connecting to the network. Be able to identify the authorized devices, the casual BYOD devices and the malicious attackers.
–Monitor behavior: Know when there is a change in what parts of the network a device is trying to access and the way that data packets are flowing. If a phone is sending data to a specific IP outside of your network for more than an hour, maybe it should raise a red flag.
–Limit Damage: Even small companies can benefit from segregated networks and subnetworks. Create a limited access wi-fi network for the BYOD devices and guests so that they can be used, but the potential for harm is limited.
–Patching: Keep patching of all devices up to date. Even the ones that might not be computers. Of course, you need to know the device is there (see the first point)…
Building a Safe, Secure Network
Let Ideal Integrations make sure your crown jewels are not sitting on the same network as the unsecured Alexa in the corner!
We provide network monitoring, network design and the managed services to address many of these issues for you. Additionally, our Blue Bastion Cybersecurity team can monitor your networks for breaches, check for vulnerabilities and help you recover from attacks.
Connect with us to secure your managed IT solutions in Pittsburgh, and all around the United States!
Contact us here, or complete the form below, and our team will help you determine what works well for your needs.