As cyberattacks become more complex and sophisticated, network administrators are being advised to concentrate on the most important parts of their networks, and often miss small vulnerabilities.
“Everything has a web interface these days,” said Ron Gula, the chief executive of Tenable Network Security. “What we call embedded devices — security cameras, fax machines, the phone system — are usually out of scope of the traditional IT security person, who’s used to being conversant with Windows, UNIX, routers and things like that.”
Hackers, particularly ones targeting international targets, may not know that they are dealing with a thermostat or a printer when they access the network, but will try to use any way in to a network that they can, he said.
For network security professionals, Gula laid out some basic ground rules.
“Ask yourself if you know what’s on your network. Just because there is a printer on the network, that doesn’t mean the printer should be able to reach out,” he said.
There’s been a clear change in device behavior, he said, and network professionals didn’t know that there were devices on the network sending outbound e-mails.
Recognizing that IT staffs can’t be monitoring every action of every connected device on a given network, Fula said that companies and agencies should submit to regular privacy audits to look for anomalies.
Another thing that network professionals have to do, he said, is make it clear to all employees that keeping hackers out of a network is as much their responsibility as it is the responsibility of firewalls and antivirus software.
“Spam is well known but it’s often framed as ‘not my problem,’ he said. “We think about how to keep the hackers out, keep the spam out, but don’t think ‘I’m part of the problem, what should I be looking for.’”
Related stories:
China hack of Chamber of Commerce highlights ‘spear-phishing’ dangers
China hackers hit U.S. Chamber of Commerce
Holidays call for extra security vigilance
Loading...
Comments