Common Types Of Network Vulnerabilities
The corporate network is a critical cornerstone of corporate cyberspace, and its importance is reflected in its popularity as a target among the hacker community. A vulnerability in the corporate network is any weakness in software, hardware, or workflow that can lead to a network breach.
What is a network vulnerability?
Network vulnerabilities are flaws in software, hardware, or organizational procedures. These vulnerabilities can be exploited and cause the loss of valuable data and revenue.
These vulnerabilities make an organizational network a popular target for hackers. According to PurpleSec, 68% of companies in 2022 experienced a targeted attack on their networks and suffered data loss as a direct result.
1) Hardware Vulnerabilities
These are all the physical devices connected to the network, also known as IoT (the Internet of Things). Nowadays, everything can be categorized as IoT, from routers to refrigerators, electric boilers, smartwatches, and alarm systems. These devices are hacking targets, and their vulnerabilities can be exploited by malicious actors.
Routers are known as a common network vulnerability; they need periodic updates and maintenance by a professional who can configure them properly. Most routers are based on Linux, and in recent years bugs and failures in the installed software have been discovered. Consider updating regularly and, if possible, set up automatic updates. Additionally, beyond changing the original username and password and enabling the basic encryption that comes with each router, it is recommended to install a firewall that includes both anti-phishing and anti-virus protection. Furthermore, it is important to create an additional guest network, separated from the internal corporate network.
Stealing a work laptop or gaining access to the organization’s physical facilities is a popular way to break into the corporate network. Once the device is obtained, it is a very simple process to load malware onto it by inserting a USB drive, to be used later as a back door or spyware. Laptops are a popular target due to their accessibility and ease of theft, and with the adoption of the hybrid work model, carrying a work computer outside the office has become very common. Therefore, it’s important to make sure that every computer that leaves the organization’s premises is protected by a strong password, encryption software, and limited access.
Many believe that a firewall is an adequate defense for the entire network because it blocks IP addresses that are defined as prohibited and manages to prevent DDoS attacks. However, traditional firewalls are no longer sufficient, and many have moved to a WAF, a web application firewall that identifies attack patterns and blocks users and requests. Moreover, further separation should be created between the internet-accessible part of the network, the internal network, and more sensitive areas of the corporate network, using a number of firewalls and proper segmentation.
Devices that connect to the network, from smartwatches and alarms to refrigerators and microwaves, may be manufactured in non-original factories. These components are particularly vulnerable to hackers, more so than the original products. Take it from the fashion gurus: never buy a knockoff.
2) Software Vulnerabilities
Software developers regularly release updates aimed at preventing the exploitation of vulnerabilities discovered in their software. It is very important to pay attention to these updates even if they are released at high frequency. Even systems that seem marginal to you, such as CMS systems or even IoT systems like printers, need updates, but less frequently. In addition, there are so-called legacy products: systems whose manufacturers have decided to stop maintaining them and have ceased releasing updates and providing technical support. The most well-known legacy system is the Microsoft 7 operating system, which is no longer supported by Microsoft, and systems running Microsoft 7 after the EOL date pose a cyber threat to the corporate network.
This is a generic name for any malicious code created by a hacker in order to gain access to the corporate network or to steal and destroy information or devices. Unlike ransomware, which withholds information until the ransom is paid, malware is not intended to bargain with the victim, but to permanently destroy files or steal them for financial or ideological motives. Malware-affected systems will often run slower, send requests randomly, reboot irregularly, and begin actions without user permission.
Although it is included under the software category, it is important to note that most malware is downloaded to a computer by unaware users. Logging on to unsafe sites, falling for phishing messages, and connecting to infected devices are the most common ways the software gets downloaded, so user behavior is critical in this case. The outcome of malware for small and medium-sized businesses can be devastating, as the destruction of devices can entail huge financial costs or give hackers access to data that endangers the company’s customers.
The most common types of malware are:
- Viruses – Software that copies itself and injects malicious code into other files on the device.
- Keyloggers – Record all keystrokes, thus giving the hacker unlimited access to the user’s data, login information in particular.
- Worm – Similar to a virus, but able to spread itself independently on internal networks or the Internet.
- Trojan horse – Disguised as legitimate software, the Trojan horse runs quietly and allows the attacker to connect remotely.
- Ransomware – Encrypts the data on the user’s device, whether professional or personal, and denies the owner access until the ransom is paid.
3) Vulnerabilities caused by employees
Employees are the number one cause of cyber security breaches. According to a Haystax survey, the majority of cyber professionals (56%) say that insider threats are on the rise.
Users with access to sensitive information are considered the greatest threat (60%), consultants and contractors in second place (57%) followed by employees with a normal level of access (51%).
Human error can often result in catastrophic outcomes, as with John Podesta, who clicked on a malicious link that led to the leak of Hillary Clinton’s emails in 2016.
These attacks use emails, text messages, and calls that seem to have been sent from a legitimate source but are actually from a hacker who intends to install malware or steal sensitive data. The message usually urges the recipient to click on a link or download a file, creating a sense of urgency. There are many types of phishing attacks, with the most sophisticated and difficult to detect being spear phishing. However, there are many ways to reduce the risk, such as a strong email gateway that monitors sent and received emails, or training employees to raise awareness. To read more about all types of phishing attacks and identification methods, continue to our phishing article.
One-step authentication that only involves entering a username and password is not adequate, especially nowadays with automatic password saving. Two-step verification can help strengthen the process by including not only an additional device filter, but also more data such as geographic location, user behavior, and other information that can help the system distinguish credible users from malicious hackers.
We’ve all sinned, but enough is enough. No more password recycling: use lowercase and uppercase letters and random numbers. Do not use meaningful dates like your anniversary date, and store your passwords in a secure location, not in your phone’s notes under the heading “passwords”.
Read 7 tips on how to manage your passwords securely.
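The rules in the password advice above (mixed case and numbers, no meaningful dates, no recycling) can be enforced at the moment a password is set. This is an added example, not code from the original article; the function names, the date layouts it recognizes and the PBKDF2 parameters are assumptions.

```python
import hashlib
import hmac
import os
import re
from datetime import datetime

def _kdf(password, salt):  # PBKDF2 parameters are an assumption of this example
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def history_entry(password):
    """Salted record of a password, so reuse can be checked without plaintext."""
    salt = os.urandom(16)
    return salt, _kdf(password, salt)

def has_date(password):
    """True if a digit run is a year (1900-2099) or a 6/8-digit calendar date."""
    for run in re.findall(r"[0-9]+", password):
        if len(run) == 4 and 1900 <= int(run) <= 2099:
            return True
        if len(run) not in (6, 8):
            continue
        year = "%Y" if len(run) == 8 else "%y"
        split = f"{run[:2]}-{run[2:4]}-{run[4:]}"
        tries = [(split, f"%d-%m-{year}"), (split, f"%m-%d-{year}")]
        if len(run) == 8:
            tries.append((f"{run[:4]}-{run[4:6]}-{run[6:]}", "%Y-%m-%d"))
        for text, fmt in tries:
            try:
                datetime.strptime(text, fmt)
                return True
            except ValueError:
                pass  # not a valid date in this layout
    return False

def check_password(password, history=()):
    """Return the rules from the advice above that this password breaks."""
    rules = [(r"[a-z]", "no lowercase letter"), (r"[A-Z]", "no uppercase letter"),
             (r"[0-9]", "no digit")]
    problems = [msg for pattern, msg in rules if not re.search(pattern, password)]
    if has_date(password):
        problems.append("contains a date-like number")
    if any(hmac.compare_digest(_kdf(password, s), d) for s, d in history):
        problems.append("reused password")
    return problems
```

`history` is a list of `history_entry()` records kept for each user, so a recycled password is caught without the old passwords ever being stored in readable form.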
The best defense against cyber hacks that use network vulnerabilities is network penetration testing, which simulates an attack against the organizational network components.