Anubis BitSight Labs

Inherent Risk: How Insecure Systems Pose a Threat to Network Security

Joel Alcon | April 10, 2017

A few months ago, Anubis BitSight Labs researchers discovered that millions of low-cost Android phones, many of them in the United States, were vulnerable to Man-in-the-Middle attacks. The backdoor could be exploited through unregistered internet domains that had been hardwired into the Ragentek firmware used in these devices. A hacker with control of the domains could have installed malware bypassing Android’s security protections.

Using insecure systems like these not only puts the end user at risk of a cyber attack, but also affects the security of the corporate networks to which the devices connect. According to Cisco’s Visual Networking Index: Global Mobile Data Traffic Forecast Update, there will be 947 million mobile-connected devices by 2020. Given the large number of mobile devices that will likely be used by company employees, it will become important for security teams to identify the insecure systems, especially mobile devices, connected to their network.

No One Likes InfoSec Surprises

Companies are spending more time, money and effort securing their corporate network. In fact, Gartner estimates that worldwide spending on information security will reach $90 billion in 2017, and top $113 billion by 2020. Much of the spending is focused on detection and response, but with so much emphasis on network security, some companies are still shocked to discover insecure systems connected to their corporate networks. What’s more concerning is the lack of urgency from some companies to remediate these issues. For example, BitSight researchers discovered the Ragentek vulnerability five months ago, but today they still find more than 1,200 companies with devices running this vulnerable version of the Ragentek firmware.

Looking Beyond the Vulnerability

Companies with insecure systems run the risk of exposing their sensitive data to cyber criminals. The chances of a successful cyber attack may increase as time passes and the insecure system remains in use on the network. In addition to this threat, insecure systems found on a corporate network may be signs of additional vulnerabilities and questionable security hygiene. What’s concerning is that some organizations go months or years without fixing vulnerabilities on their networks. For instance, in a recent BitSight Insights, Critical Third Parties: Exploring Data Security in the Legal Sector & Beyond, researchers discovered that nearly 80% of organizations across all industries examined in the report were exposed to Logjam or POODLE, both of which are major SSL/TLS vulnerabilities discovered years ago.

Why This Matters

According to the ITRC (Identity Theft Resource Center), there have been 392 data breaches already this year (through March 28, 2017), exposing over seven million records. Companies with poor security practices are especially vulnerable to the rising threat of attacks. Considering that insecure systems on a corporate network can be a sign of poor security hygiene, organizations should assess the types of devices connected to their networks, paying special attention to insecure systems such as mobile phones with outdated firmware.

If an organization has insecure systems on its network, the information security team should strive to update them or, if possible, disconnect them from the network. If a critical third party uses insecure systems and has failed to fix the issue, it could be a sign of other security issues. In this case, organizations should continuously monitor that third party’s security rating and observe whether the rate of insecure systems decreases over time. Organizations that want to reach a mature level of cybersecurity should closely monitor their own cybersecurity posture and implement a third-party continuous monitoring strategy to ensure that critical third parties have no signs of insecure systems on their network.

Are there insecure systems on your network? Register for a demo of the BitSight Security Ratings Platform to find out.
