Equifax Cyberattack: A Short Synopsis of this Attack and its Potential Impact on your Business
On March 2, 2017, the Apache Foundation disclosed (initially reported by security researcher Nike Zheng of DBAPPSecurity Ltd et al.; see https://cwiki.apache.org/confluence/display/WW/S2-045 and https://cwiki.apache.org/confluence/display/WW/S2-046) that a critical vulnerability, with multiple vectors, exists in the Jakarta-based file upload Multipart parser used in Apache Struts2. It could allow an attacker to execute commands remotely on a targeted system by using a crafted Content-Type, Content-Disposition, or Content-Length value.
Apache advised all customers, and networking equipment manufacturers that have OEM-ed this application into their products (e.g. Cisco), to immediately patch their systems and upgrade to Apache Struts version 2.3.32 or 2.5.10.1.
Between March 10 and April 19, 2017, Cisco issued patches for the products in its line that were susceptible to this vulnerability: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170310-struts2
Equifax confirmed that it was aware of this vulnerability as of March 8, 2017 and proceeded to patch some of its vulnerable devices. Unfortunately, it didn’t patch all of its affected servers, and one of them was targeted by a cyberattacker who, by exploiting this vulnerability, gained access to the data of Equifax’s 143 million customers, including customer names, addresses, social security numbers, credit card numbers, credit scores etc.
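The gap described above, some servers patched and others missed, is what a fleet-wide version audit is meant to catch. The following is an added example, not code from Apache, Cisco or Equifax: it compares each `struts2-core` jar in an inventory against the fixed releases 2.3.32 and 2.5.10.1 named in the Apache S2-045/S2-046 advisories. The host names, paths and status labels are constructed for illustration.

```python
import os
import re

# Fixed release per 2.x branch, as given in Apache advisories S2-045 / S2-046.
FIXED = {(2, 3): (2, 3, 32), (2, 5): (2, 5, 10, 1)}
JAR_RE = re.compile(r"struts2-core-(.+)\.jar$")

def classify(jar_path):
    """Return 'ok', 'below_fixed', 'review', or None if not a struts2-core jar."""
    m = JAR_RE.search(os.path.basename(jar_path))
    if not m:
        return None
    if not re.fullmatch(r"\d+(\.\d+)+", m.group(1)):
        return "review"            # SNAPSHOT or vendor-renamed build: check by hand
    ver = tuple(int(p) for p in m.group(1).split("."))
    fixed = FIXED.get(ver[:2])
    if fixed is None:
        return "review"            # branch without a fixed release listed here
    # Tuple comparison orders 2.5.10 before 2.5.10.1, as intended.
    return "ok" if ver >= fixed else "below_fixed"

def find_jars(root):
    """Walk a deployment directory and yield every struts2-core jar path."""
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if JAR_RE.search(name):
                yield os.path.join(dirpath, name)

def audit(inventory):
    """Map host -> [(jar, status)] for every jar that is not confirmed 'ok'."""
    gaps = {}
    for host, jars in inventory.items():
        flagged = [(j, classify(j)) for j in jars if classify(j) not in (None, "ok")]
        if flagged:
            gaps[host] = flagged
    return gaps

# Constructed inventory (hypothetical hosts and paths), e.g. gathered by
# running find_jars() on each server.
INVENTORY = {
    "web-01": ["/opt/app/WEB-INF/lib/struts2-core-2.3.32.jar"],
    "web-02": ["/opt/app/WEB-INF/lib/struts2-core-2.5.10.jar"],
    "portal-01": ["/srv/portal/WEB-INF/lib/struts2-core-2.3.31.jar",
                  "/srv/portal/WEB-INF/lib/commons-io-2.2.jar"],
    "legacy-01": ["/srv/old/lib/struts2-core-2.2.3.jar"],
}

if __name__ == "__main__":
    for host, flagged in audit(INVENTORY).items():
        for jar, status in flagged:
            print(f"{host}: {status}: {jar}")
```

A file name only reflects the version when the jar has not been renamed or repackaged inside another archive, so treat a clean result as a starting point and confirm against the deployed application itself.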
Equifax Chairman and Chief Executive Richard Smith has called the crisis the “most humbling moment in our 118-year history.” Some lawmakers have called for his removal, and investors have shrunk Equifax’s stock-market value by about $6 billion, or more than 33%, in the past 10 days.
Equifax has since fired its CIO and Chief Information Security Officer. In the long run, this may, in fact, be the beginning of the end of Equifax because it has lost all credibility with customers and the market, both of whom no longer trust the integrity of its data.
To put this into perspective, it is not far-fetched to think that the attacker, who lurked and persisted within Equifax’s network for months, might have altered some Equifax data to increase or decrease credit score ratings.
Hence, this single cyber attack has essentially undermined one of the United States’ fundamental financial frameworks which, if completely eroded, will eliminate a key component in financial risk analysis, shutting down the country’s entire credit system.
The need for a network maintenance service provider that is both independent, and capable of providing lifetime software integrity maintenance and cyber-defence services cannot be over-emphasised.
The fact of the matter is that at least 30% of all in-production corporate and governmental Internet network routers, switches, firewalls and servers are no longer software-maintained by the equipment manufacturers (nor their partners, some of whom offer outsourced network managed services), making them ‘sitting ducks’ and potential entry points for cyber-attackers looking to gain access to your network and all your corporate data.
Multiven, the world’s only manufacturer-independent provider of lifetime software maintenance and cyberdefense services for all Internet networks, can maintain all the software that the manufacturer won’t maintain anymore with lifelong security updates to keep your firm safe from cyberattacks.
Remember, if a device is in your production network, you must maintain its software for as long as it is in production.