The internet was designed for plenty of reasons, not least to give people worldwide a way to trade information with one another. It wasn’t prepared for security — at least not in the way we think about cybersecurity today.
While the pioneers who developed what we now refer to as the internet were forward-looking, they were building the world’s largest information network in a time when cybercrime, data encryption, and overall security were not the concern that they are today.
The ARPANET, which ultimately became the internet, was initially designed as a closed network with minimal regard for what we might think of as modern cybersecurity implementations.
The protocols upon which the internet runs were designed to work were not necessarily secure by today’s standards. New protocols help by closing security and privacy holes. Some older protocols are deprecated in favor of new ones to patch some of these vulnerabilities.
For example, Telnet was switched up for SSH because Telnet sends credential information, including usernames and passwords, in clear text that an attacker could intercept. In other cases, protocols can be updated to patch vulnerabilities.
Unfortunately, some companies aren’t managing to keep up. According to a recent report, almost 90% of companies have devices that utilize protocols considered outdated. For example, Microsoft developed the SMBv1 Server Message Block protocol in the 1990s as a protocol used mainly for sharing files, communications between computers on a local network, and printer services.
While it was helpful for this task, it was later discovered to house several vulnerabilities, many of which made it possible to launch a remote code execution attack against a target host. As a result, SMBv1 was deprecated in 2013 and is no longer supported on Microsoft Server by default.
Despite this, it remains detected in 88% of environments, and almost one-third of organizations have at least 100 devices that continue to use the protocol.
Another protocol called NT LAN Manager version 1 was also deprecated due to the discovery of significant flaws. Microsoft itself noted that advances in both hardware and software meant that it was now vulnerable to attacks that could be used to obtain user credentials.
However, it is still found upward of 50% of environments, while 19% have at least 100 devices that continue to use the protocol.
The fact that these insecure protocols are still exposed represents a massive problem. Enterprises should be cautious about the protocols used both for internet-facing systems and ones on the inside of their networks.
Vulnerabilities that could, for example, be harnessed by an attacker to view credentials in plaintext open up a slew of potentially damaging attacks that bad actors could wage.
In SMBv1, it was seized upon by cyber attackers who engineered the worms WannaCry and NotPetya, which infected massive numbers and computer systems and cost companies billions of dollars. Despite this, as noted, SMBv1 remains in widespread use.
The most advanced threat actors out there are not necessarily searching for ways to crack the latest security. While their aim may be to break into the most valuable systems they can, they will try and do this most straightforwardly. Insecure outdated protocols represent low-hanging fruit in this domain.
Outdated protocols are the equivalent of burglars finding an unlocked rear door on an otherwise impenetrable home. Furthermore, due to how widely used these protocols remain, attackers, know that they still have a good chance of discovering ways to utilize established attacks against these protocols — despite them having been deprecated many years ago as far as official usage goes.
Modern protocols are vital for cybersecurity. Companies need to use secure, encrypted protocols for data transfers — or risk facing extremely damaging scenarios.
The most prominent step organizations can take, of course, to stop using these protocols. Gain visibility that will allow you to know which protocols are being used and then take the necessary steps to replace insecure protocols with updated solutions.
To protect against attacks, there are several steps you can additionally take. For example, database firewalls, user rights management, and data masking, and encryption can all help safeguard against the exploitation of vulnerabilities.
Similarly, user behavior analytics, Database activity monitoring, and alert prioritization can help detect abnormal behavior — potentially indicative of threats — and offer alerts about these incidents.
Cyber-attacks continue to be a significant problem that isn’t going away any time soon. Organizations must be wary of the latest attacks and any exposures they potentially have, making them a target.
However, when it comes to using outdated protocols, these are easily avoided errors that should be rectified as quickly as possible. After all, just because attackers might want to target you doesn’t mean you should make it easy for them.
The integration of AI technologies like GPT-4 into various aspects of our lives brings forth… Read More
In the dynamic world of on-demand transportation, the Uber Clone app offers a swift and… Read More
Concrete is renowned for its durability and strength, making it a popular choice for various… Read More
There are myriad aspects to keep in mind if you want to take your business… Read More
Artificial intelligence (AI) is transforming how organisations work, providing new prospects for development and efficiency.… Read More
The increasing interconnection of our digital world has brought website security to the forefront as… Read More