Over the last few years, I’ve seen a rise in breaches being caused by a lack of patching.
Not a big news revelation I know, however there is a rather worrying new trend happening - Hackers are patching your systems for you!
Why would a hacker secure your environment I hear you ask? It’s an interesting question, so I spoke to our Security Operations Centre team and our Ethical Hackers for their thoughts on why this is becoming more common.
- Reason 1 - Very simple, you have been hacked by a not so friendly hacker who is inside your network either gathering data, or just leaving a door open for the future for when they have time to come back and root around your data or intellectual property. So, he fixes your vulnerabilities for you but leaves himself a way back in. Therefore, when you run your external penetration tests all looks secure.
- Reason 2 - This one interests me a lot, but also scares me given my reliance on Internet of Things (IoT) devices - things like amazon echo, Google home, nest cam, hive, ring and so on. Even my fridge and oven can now be connected to the internet to be controlled. Now we have friendly hackers, or so it seems, who will patch your vulnerable systems before the non-ethical bad hackers attack them. This sounds great on the surface, vigilante hackers out to save the world!
What I discovered from speaking to our Ethical Hackers is that this does not always help. We find that these friendly viruses, or ethical worms, can have vulnerabilities themselves and can be exploited by non-ethical bad hackers.
Vigilante viruses are nothing new and we should not be overly alarmed, but it does bring me to my main question - if you’re not patching your systems then who is?
If, like many companies I meet, your IT team spend more money on products than securing current systems, then it is likely you’re backing the wrong horse.
Hackers commonly use free and paid tools like Nessus to identify companies with weaknesses. These tools can be complex to use to their full potential, but it's worth having a trained member of staff or a trusted 3rd party to run tests at least monthly and show you what the hackers around the world see.
If you’re concerned about how up to date your company’s patching is or you just want a general chat on Cyber Security matters, please do get in touch by dropping me a line David.Johnson@communicateplc.com or call me on 01740 661071.