Earlier this week, it became apparent that hackers had hijacked two popular enterprise VPNs and a web-based utility tool. With the widespread attacks already deemed some of the damaging breaches this year, are your enterprise security tools truly safe?
Are your enterprise security tools truly safe?
Hackers targeted the web-based utility tool Webmin as well as the enterprise VPNs Pulse Secure and Fortinet's FortiGate. The attack occurred following a public disclosure of multiple vulnerabilities in the products during a talk at the latest Black Hat security conference.
According to security researchers from Bad Packets, the cybercriminals employed "opportunistic mass scanning activity" in order to access sensitive data. Specifically, an arbitrary file reading vulnerability in Pulse Secure enabled unauthenticated attackers to access private keys and user passwords.
Is your enterprise at risk?
Overall, Bad Packets discovered that 2,535 unique autonomous systems (network providers) had vulnerable Pulse Secure VPN endpoints on their network. At present, this currently affects the United States military as well as federal, state, and local government agencies.
In addition to this, public universities and schools, hospitals and healthcare providers, and electric and gas utilities are vulnerable. Meanwhile, major financial institutions, media corporations, and numerous Fortune 500 companies are also at risk.
Overall, Bad Packets researchers located vulnerable hosts in 121 countries across the globe. However, the United States possessed the most vulnerable Pulse Secure VPN endpoints with a total of 5,010.
Bad Packets refuses to name the specific organisations as the critical vulnerability is reportedly easy to exploit using publicly available proof-of-concept code. Nevertheless, the researchers urge Pulse Secure VPN administrators to immediately ensure that they are not using versions of the “Pulse Connect Secure” server software vulnerable to CVE-2019-11510.
No organisation is completely secure
Above all, this breach demonstrates that no organisation is completely secure when it comes to cyberattacks. With this in mind, however, it is now absolutely integral that digital companies endeavour to mitigate potential breaches.
Indeed, more organisations are beginning to recognise that cybersecurity issues are now a core business risk. Rather than just existing as an issue for IT teams, reducing the risk of cyberattacks is now an company-wide challenge.