A comprehensive approach to cyberattack protection

When you go to work, you do not leave the back door of your house unlocked. However, for some reason, you often leave a backdoor open in your network, allowing attackers to disrupt your business or steal your data.
Organizations and cybersecurity experts around the world are constantly identifying, countering, and preventing attacks on their networks and devices. The best way to address cybersecurity challenges is a proactive approach.
First, let’s look at the current problems.

Cybersecurity in perspective

For many years in IT, efforts have been made to protect personal computers and the data they contain. However, network switches that support infrastructure and access points are often overlooked. These switches and access points have vulnerable operating systems just like PCs, but many companies ignore this potential weakness.
A major contributor to this problem is the growing number of mobile and personal devices and, most importantly, new IoT (Internet of Things) devices that often lack built-in protection. They significantly increase the likelihood of security breaches. With the rapid growth in the number of devices, cyberattacks are also increasing in volume and complexity, and recovery costs are rising sharply. This issue exists across many industries; in healthcare alone, cyberattacks cost around 6 billion dollars per year.
We can classify successful cybersecurity incidents into two types: cyberattacks and data breaches.
A cyberattack attempts to create physical effects or manipulate, disrupt, or delete data. In other words, it interferes with normal business operations. DDoS attacks fall into this category, as well as data destruction, equipment damage, and ransomware attacks. Cyberattacks sometimes take the form of extortion, when a hacker demands payment or ransom, threatens operations, or blocks access to critical data.
In the case of a data breach, the incident does not necessarily disrupt business operations, but involves unauthorized access or disclosure of personal data. In other words, it is cyber theft. Such theft can cost the owner of the data hundreds of thousands of dollars in compensation.

These thieves and hackers gain access through backdoors that are left open; in some cases even through default manufacturer passwords.

IoT security challenges
The Internet of Things (IoT) is changing everything about network security.
The growing number of internet-connected devices is significantly transforming business. On the one hand, IoT promises to make business smarter and more efficient. From automatic monitoring and control of equipment and physical environments to identifying necessary products or business processes that might otherwise go unnoticed, IoT delivers efficiency, cost savings, and many other benefits.
As physical objects become digital, significant business opportunities arise.
However, this comes at a cost, as IoT devices disrupt traditional business models, driving new business models, ecosystems, and, of course, risks.
IoT combines several unstoppable trends: automation, artificial intelligence, virtual/augmented reality, and an endless demand for data. The potential growth of connected devices automatically feeding business systems with data is enormous. IoT will inform companies about everything—from how customers use products to when critical equipment needs replacement.
But there is always a downside.
IoT significantly increases cybersecurity risks. Security cameras are one widely used type of IoT device, and they are also among the devices most targeted by hackers. Even if you think your camera is not interesting to attackers, it can become an unlocked door into your network. Studies show that security cameras represent 47% of vulnerable devices in home networks.
Recommendations for mitigating IoT security threats include several steps:
1) You must know which devices are connected
2) All connected devices must be classified
3) After connection, devices must be segmented according to their use
4) Create specific security policies and continuously monitor these devices

When a device connects, it must first go through authentication enforced by the network.
Then the network classifies the device and assigns it to a virtual segment that is fully isolated from others. Devices within one segment cannot see or communicate with devices in another unless explicitly allowed. Security policies and QoS (Quality of Service) rules are applied automatically.
Virtual segmentation also prevents a security breach in one part of the network (for example, surveillance cameras) from spreading to other parts such as point-of-sale systems. This can be achieved using VLANs or SPB (Shortest Path Bridging).
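The admission and segmentation flow described above can be modeled in a few lines. This is an added example, not code from ALE or from the original article; the segment names, VLAN IDs, allow rule, and device records are constructed assumptions, and a real network enforces the same logic in switch and access point policy rather than in Python.

```python
from dataclasses import dataclass

# Constructed classification rules: device class -> (segment name, VLAN ID).
SEGMENTS = {"camera": ("surveillance", 110), "pos": ("point-of-sale", 120),
            "server": ("servers", 130)}
QUARANTINE = ("quarantine", 999)

# Explicit inter-segment allows: (source segment, destination segment, TCP port).
# Anything not listed here is denied between segments.
ALLOWED = {("point-of-sale", "servers", 443)}

@dataclass
class Device:
    mac: str
    authenticated: bool      # result of network-enforced authentication
    device_class: str        # result of classification, "" if unknown
    segment: str = ""
    vlan: int = 0

inventory = {}      # step 1: every connected device is recorded here
denied_log = []     # step 4: denied flows are kept for monitoring

def admit(dev):
    """Authenticate, classify, then place the device in an isolated segment."""
    if dev.authenticated and dev.device_class in SEGMENTS:
        dev.segment, dev.vlan = SEGMENTS[dev.device_class]
    else:
        dev.segment, dev.vlan = QUARANTINE
    inventory[dev.mac] = dev
    return dev.segment

def may_communicate(src_mac, dst_mac, port):
    """Same segment: allowed. Across segments: only if explicitly listed."""
    src, dst = inventory.get(src_mac), inventory.get(dst_mac)
    if src is None or dst is None:
        allowed = False      # a device missing from the inventory is never trusted
    elif QUARANTINE[0] in (src.segment, dst.segment):
        allowed = False      # quarantined devices talk to nobody
    elif src.segment == dst.segment:
        allowed = True
    else:
        allowed = (src.segment, dst.segment, port) in ALLOWED
    if not allowed:
        denied_log.append((src_mac, dst_mac, port))
    return allowed

# Constructed sample devices (documentation-range MAC addresses).
admit(Device("00:00:5e:00:53:01", True, "camera"))
admit(Device("00:00:5e:00:53:02", True, "camera"))
admit(Device("00:00:5e:00:53:10", True, "pos"))
admit(Device("00:00:5e:00:53:20", True, "server"))
admit(Device("00:00:5e:00:53:99", False, "camera"))   # failed authentication
```

The denied-flow log is the part worth watching in practice: a camera repeatedly trying to reach the point-of-sale segment is a signal that the device may be compromised.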

Network equipment security challenges

Network administrators implement security solutions for workstations and servers, but they must also secure network switches and access points (APs). Since switches and APs run operating systems, they are also vulnerable to attacks.
Network switches and access points often come with “secret” default hardware names and passwords intended for vendor maintenance and engineering access.
Unfortunately, this also makes it easier for hackers to access the network through these backdoors. Hackers can inject malware, exploit vulnerabilities, or access confidential information.
A good practice is to choose network equipment that uses independent third-party verification and validation (IV&V) of the operating system source code, ensuring compliance with security best practices and white-box/black-box testing.
Another exploitation method relies on knowing the memory addresses at which functions or data from open-source code are stored, and using that knowledge in buffer overflow attacks. A best practice to prevent this is software diversification and Address Space Layout Randomization (ASLR), which make the system memory layout unpredictable and harder to exploit.

Do your switch and access point vendors secure their operating systems?

Even if you do everything possible to secure your network and business assets, you must also rely on your infrastructure vendors to do the same.
Cyberattacks are increasing and becoming more complex, requiring greater attention. Alcatel-Lucent Enterprise addresses this issue for its own business as well.
For IoT, ALE network solutions automatically recognize and classify devices, segment the network for additional security, prevent or contain attacks, and continuously monitor the network. ALE also implements independent verification and validation (IV&V) and software diversification in its operating systems. It is independently certified by multiple international organizations including JITC, NIST, FIPS, NATO, and Common Criteria.
For customers concerned about origin compliance, ALE offers TAA-compliant switches.
ALE network security includes many additional aspects not covered in this article. Contact InfoTel experts and do not leave backdoors or vulnerabilities open in your business due to unsecured network switches or poorly protected IoT devices!

 