IT Mobility Under Attack
IT Mobility Under Attack
2019 has seen the rise of hackers racing to exploit critical vulnerabilities in both traditional Remote Access and newer IT Mobility solutions. Critical vulnerabilities have been uncovered at some of the most respected security and remote access vendors on the market, with Cisco, Citrix, Fortinet and Palo Alto all having to contend with hidden flaws in their solutions. These could have led to the exposure of user credentials, sensitive logs or even allowed unauthorised code execution.
As we reported back in 2018, the delay between vulnerability detection and real-world exploitation has been shortening dramatically with flaws actively weaponised by both state-sponsored hackers and industrial criminal gangs ahead of most companies’ speed to patch.
Threat researchers usually provide software vendors an opportunity to develop fixes before revealing the vulnerability to the world but have occasionally been known to publicly disclose vendors they deem to be unresponsive. Google’s Project Xero have recently amended their disclosure policies to offer vendors a full 90-day period during which they would not publicly disclose the issue, providing enough time for vendors to develop and release fixes.
The potentially devastating impact of failure to apply fixes has been a wake-up call to many organisations. Travelex, a well-known Foreign Exchange provider was allegedly attacked via an unpatched Pulse Secure VPN appliance. This attack, identified on New Year’s Eve, resulted in the ransomware encryption of company data and as of the 27th January some of Travelex’s services had yet to be restored.
Whilst it’s still not clear whether this affected customer data, faith in the firm has been unquestionably damaged and has led S&P to issue a warning regarding Travelex’s financial health.
The Travelex attack should be a reminder to all organisations to regularly review their estates and ensure that products are always proactively managed and maintained.
– John Bryant, Chief Technology Officer
Options works closely with clients to actively patch any and all vulnerabilities – it is imperative that operating systems and 3rd party software products are kept up to date. Security doesn’t end with vulnerability patching; well-trained employees and a strong supporting security team are also essential. We continuously roll out rigorous training programs alongside numerous platform security enhancements, in addition to new cybersecurity initiatives to safeguard our clients’ data. For the latest on our Security, Intelligence and Analytics product offering, download our product sheet here.