Earlier this month, Palo Alto Networks discovered ten critical vulnerabilities in Internet Explorer browsers, underlining the importance for businesses to focus on knowing the risk of running vulnerable software.
Check out five core concepts on how to protect your organisation against vulnerabilities.
Sharat Sinha – Vice President, Asia Pacific for Palo Alto Networks – shares his views on how businesses and organisations can protect themselves against malicious attacks and avoid compromises to their network security.
Below are Sinha’s views.
Check out five core concepts (highlighted in the boxes) on how to protect your organisation.
Insights on protection against vulnerabilities – by Sharat Sinha – Vice President, Asia Pacific for Palo Alto Networks
Microsoft and Adobe have made a priority of working with companies and finding and fixing vulnerabilities through programs like MAPP.
Unfortunately, there are other widely deployed applications that have vulnerabilities discovered every day that are NOT discussed enough.
Every year there are more than 5,000 vulnerabilities discovered and businesses need to focus on knowing the risks of running vulnerable software.
Why does Microsoft keep finding vulnerabilities in its IE platform and how serious are they?
We like to take a different tact on this question, and would rather ask “why do major software vendors all over the globe keep discovering and patching vulnerabilities in their software?”
Protection Concept 1
Keep your applications patched and up-to-date.
Vulnerabilities generally only affect certain versions of software, and you greatly reduce your attack surface by applying the patches vendors provide, which close these gaps.
When you ask it this way, you realize it goes far beyond the vulnerabilities that receive media attention such as Microsoft.
There will always be bugs, or flaws in software, especially when you are talking about complex applications with millions of lines of code.
In most cases they are unintentional, though they can sometimes be planted by malicious insiders or adversaries with access to an organization’s network.
Protection Concept 2
Employ basic security protections such as IPS/IDS to prevent exploitation of vulnerabilities at a network level.
Choose a vendor who has a record of creating and deploying new signatures quickly, and is part of information sharing programs such as Microsoft MAPP.
You hear about Microsoft more than others due to how widely used their software is, and the impact it has on this large user base.
Not only this, but they are in many ways leading the charge with the Microsoft MAPP program, which many companies participate in, to share the latest information on vulnerabilities to protect customers and the industry as a whole.
Make no mistake, these vulnerabilities are serious, and all of the ones Palo Alto Networks has discovered for Internet Explorer receive the highest ranking of “critical” by Microsoft, but we believe that this open and responsible disclosure of vulnerabilities, and the sharing between vendors, is a powerful tool against adversaries.
Is this a concern to businesses and what do the vulnerabilities allow attackers to do/access?
Yes, critical vulnerabilities in the software you use each day represents a huge risk to businesses.
Fundamentally, adversaries can exploit these vulnerabilities to gain an initial foothold in a system.
Protection Concept 3
Use Next-Generation Firewall policy as the central control point for your network, safely enabling only the applications you need to run your business, and blocking all others.
This foothold allows advanced attackers to control the system, install malware, and use that as an initial pivot point to move around the network.
Typically, stealing intellectual property is their goal, though they can also seek to bring down systems or deface a company’s public presence.
From a technical sense, critical vulnerabilities like we have discovered allow “full remote code execution,” meaning, an attacker can execute code of their choice on the system from anywhere in the world.
What are the solutions for fixing/protecting businesses against these vulnerabilities?
Oracle’s Java is probably one of the widest deployed and most exploited by web attack toolkits.
Protection Concept 4
Have a solution for discovering unknown threats crossing your network, with the ability to prevent them in-line.
We should be shifting the conversation to encourage businesses to put pressure on companies to fix vulnerabilities as well as the primary application that may use the vulnerable software and help all business to know if they are at risk.
Often I hear that companies HAVE to use old out of date vulnerable software because the vendor that has supplied hasn’t gotten around to fixing it.
Protection Concept 5
Join information sharing groups with your peers, to understand breaking attacks affecting others in your industry.
As an example – the only reason why one company we talked with had a vulnerable version of Java installed on every employees computer was due to the vacation request software that required it!
This single issue put their entire company at risk of silently being compromised by a web attack toolkit.
Tags: Adobe, cybersecurity, IE, Internet Explorer, Microsoft, Palo Alto, PDPA, security, Singapore, vulnerabilities
This entry was posted on Sunday, July 20th, 2014 at 11:00 pm and is filed under Browser, Business IT, Enterprise IT, Internet Explorer, Interview, Interview, Opinion, Reference, Security, Software, Tips. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.