Cyberattacks: The Software Features Junkie

How Frequent Software Feature Upgrades Increase Your Network Attack Surface, Making It Easier For Your Business To Be The Next Cyberattack Target.

Today’s cyberattack exploited a vulnerability in a feature that was part of a software upgrade two weeks ago.

Vulnerabilities are introduced into software when software engineers write new features. Hence, more features equate to more exploitable vulnerabilities, which, in geek speak, expands the (cyber) attack surface of your network.
Still think you and your firm are immune to cyberattacks? Guess what?

1- Donald Trump is the President of the United States primarily thanks to the cyberattack on the Democratic National Committee that leaked its internal emails to the public.

2- The recent NotPetya cyberattack cost Maersk – the world’s largest container shipping line – $300 million, i.e. 42% of its underlying annual 2017 profits. The bulk of the impact from the NotPetya attack was felt in the third quarter, due to lost revenues in July after the company’s IT systems, including booking applications, were brought down by the malware, which was hidden in a document used to file tax returns in Ukraine.

3- The WannaCry ransomware locked up 200,000 computers in 150 countries and effectively shut down the UK’s health care IT infrastructure, which negatively impacted healthcare delivery for millions of UK citizens.

So, avoid unnecessary, untested and unvalidated upgrades to your network software that introduce new features that will reduce your network security, reliability and availability.
Multiven strongly recommends that customers get software bug fix upgrades and security updates and patches only.
New feature upgrades should be introduced only after thorough road-map bug scrubs, security risk assessments and regression testing.
If you don’t have the necessary expertise in-house for the aforementioned software security research, Multiven can help.
Related links

https://multiven.net/2017/05/13/cyber-attacks-multiven-summary-on-wannacrypt-malware/

https://en.m.wikipedia.org/wiki/Democratic_National_Committee_cyber_attacks

https://www.cnbc.com/2017/08/16/maersk-says-notpetya-cyberattack-could-cost-300-million.html
