You undoubtedly use firewalls to protect your networks from malware-infested internet.
To defend your networks, you’re selective about what data you allow through.
After monthly endpoint patching and updating, you probably rest.
When the pandemic prompted firms to convert to remote work, many on-site gadgets became internet accessible.
These rarely regarded or patched gadgets, which IT staff could monitor remotely, are now under attack.
It’s caused unexpected cybersecurity difficulties.
Devices are tracked down by attackers in this manner
It’s not difficult to locate devices that can connect to the internet. It’s boring as hell.
Using tools like Shodan, you may search for IP addresses, open ports, and devices that reply to open ports.
Cybercriminals are now taking advantage of this.
Detection methods that scan the internet for specific devices are used by a large number of attackers.
Upon discovering a possible victim with new weaknesses, the software then immediately launches an attack on the target device.
Hacking groups from both the government and the criminal world were able to reverse-engineer Microsoft Exchange Server updates after they were released. On systems that had been identified but hadn’t yet received a patch, they launched attacks.
Even now, almost a year later, ransomware attackers are constantly finding servers that are weak points in defences against their attacks.
NAS Attack
NAS is typically thought of as existing solely within a network.
Although these devices can be exposed to the internet, known vulnerabilities can still be exploited by attackers.
QNAP’s NAS devices, for example, have taken a beating over the last few years. Here are only a few examples of current cybersecurity vulnerabilities that were not expected:
- AgeLocker ransomware – July 2020
- Cryptomining – December 2021
- eCh0raix ransomware attack – December 2021
- Universal Plug and Play (UPnP) and port forwarding vulnerability – January 2022
- Denial-of-Service vulnerability in OpenSSL – March 2022
- Linux Kernel 5.8+ ‘Dirty Pipe’ – March 2022
- Apache HTTP Server unauthenticated user vulnerability – April 2022
Regardless of how prominent QNAP may be in the news, this isn’t at all unique.
The DeadBolt ransomware attacks against ASUSTOR NAS equipment, and Western Digital NAS troubles, can also be cited as examples of unforeseen cybersecurity vulnerabilities.
- My Book NAS involuntary factory reset or data deletion – July 2021
- My Cloud arbitrary code execution vulnerability – March 2022
My UPS: Unexpected Cybersecurity Issues Time to Shut It Down
The US Cybersecurity and Infrastructure Agency (CISA) and the Department of Energy (DOE) have issued a notice on the dangers of internet-connected uninterruptible power supply systems (UPS).
Until recently, UPS machines were nothing more than batteries with a few switches attached to them. People, for the most part, ignore their own safety in this way.
As a result, the 20 million APC Smart-UPS deployments must be investigated quickly.
As long as these UPS devices can be breached, attackers can get access to your internal network, prevent backup power from being provided, or even cause your UPS to burn out.
It’s possible you’ll overlook this issue, even though researchers discovered it before it was used by cyberattacks.
You’ll have to be on the alert for more unanticipated cybersecurity issues in the future.
Email servers are, of course, assumed to be online, but recent attacks have revealed a surprising number of unanticipated online network devices.
It’s time to examine and patch (or at least disable) network-attached storage (NAS) and uninterruptible power supplies (UPS) to prevent assaults on your systems.
Closing the Gaps in Security
From publicly released updates, cyber attackers are typically able to construct exploits. Next, they aim to exploit holes in systems before the companies have a chance to fix them.
Many of these vulnerabilities remain open, unprotected, and forgotten because of the ‘great resignation’ of many personnel.
Unknown devices frequently explore internet-facing ports, as may be seen by checking the firewall logs at random.
The more information you have about the sensors, the better you can defend yourself.
If your IT asset list is up to date, you may browse through the devices one by one and see if they’re internet-enabled.
While vuln scans and penetration tests can be done more quickly and accurately with the right tools, they’re not without their drawbacks.
Pen tests and vuln scans not only find internet-connected devices, but also unknown devices, setup errors, and out-of-date software throughout your whole enterprise.
With these scans, you can get a prioritized list of issues that need to be addressed.
Final Thoughts
In the world of cybersecurity, it seems like a never-ending cycle.
It’s a never-ending cycle: products are built, security is put in place, and hackers find a way in.
You’re used to dealing with situations like these, so you’re prepared for anything that comes your way.
Nevertheless, when unanticipated issues arise, such as NAS and power supplies, it’s simple to overlook them.
As a first step, run your vulnerability assessments and pen tests to identify any issues that may arise.
It is possible to outsource this task to skilled security specialists in-house, but this will save you a lot of time and deliver better outcomes.
