你的网络安全是走后门了吗?

Heitor Faroni

January 21, 2020

你的网络安全是走后门了吗?

You wouldn’t leave the back door to your house unlocked or unsecured when you head in to work, so why would you leave a backdoor open into your network allowing intruders to disrupt your business or steal your data?

Organizations and cybersecurity experts around the world are continuously discovering and trying to address and prevent attacks on their networks and devices. 解决网络安全问题的最佳方法是采取积极主动的方法.

首先，让我们看看挑战.

透视网络安全

多年来，IT部门已经开发出保护个人电脑及其包含的数据的方法. However, network switches that support the infrastructure these PCs use and the access points used to reach the network, 经常被忽视. 这些交换机和接入点的操作系统和pc上的操作系统一样容易受到影响, 然而，许多企业忽视了这一潜在的脆弱性.

移动设备的增长增加了挑战, 个人设备，最重要的是, 缺乏内置安全性的新型物联网设备. 它们大大增加了安全漏洞的可能性. 随着设备的增长, 网络攻击的数量有所上升, 它们的复杂性和回收成本都在急剧上升. 这个问题存在于许多火狐体育手机和领域，比如高等教育, 仅在医疗保健方面, 网络攻击每年造成的损失高达60亿美元.

We can classify successful cybersecurity incidents in two distinct types: A cyberattack and a data breach.

A cyberattack 试图制造物理效果或操纵、破坏或删除数据. 换句话说，它干扰了企业的正常运作. DDoS attacks, 网络数据和设备破坏, 数据加密攻击属于网络攻击的范畴. Cyberattacks sometimes manifest as ransomware – where a hacker extorts money from its victim by demanding they pay a ransom, 或者严重影响受害者的手术，或者, in many cases, 防止访问重要数据.

In the case of a data breach, the incident may not necessarily interfere with normal business operations but involves disclosure or movement of private data to a party that is not authorized to have or see the information. 换句话说，这是一次网络盗窃. 这种盗窃行为可能会让数据所有者失去身份, 甚至是几十万美元的损失.

These thieves and hackers gain access through backdoors that were left open; in some cases, 通过默认的标准制造商密码.

物联网安全注意事项

物联网(IoT) 当涉及到网络安全时，改变了一切.

The growing number of Internet-connected devices is transforming business in significant ways. 从积极的方面来看，物联网有望使企业变得更智能，更擅长他们所做的事情. From automatically monitoring and managing equipment and physical environments to identifying needed products or business processes that might never have become apparent, 物联网提高效率, 节省成本和其他许多好处.

随着物理对象变成数字对象，出现了大量的商业机会. However, 这是有代价的，因为物联网设备具有颠覆性, 推动新的商业模式, 生态系统与风险.

物联网 汇集了其他不可阻挡的趋势:自动化, AI, 虚拟/增强现实和对数据的无尽渴求. The promise of a universe of connected devices automatically feeding business systems with data-driven insights is limitless. The IoT will keep companies informed about everything – from how customers are using products to when a piece of vital equipment needs replacing.

但也不全是好事

好有坏. 物联网大大增加了网络安全事件的风险. 一种广泛使用的物联网设备是安全摄像头. 然而，它是黑客最容易攻击的设备之一. 尽管你可能认为黑客对你的相机不感兴趣, 可能是网关设备把你的网络完全打开了. In fact, research has discovered that security cameras represent 47 percent of vulnerable devices installed on home networks.

解决物联网安全威胁的最佳实践包括以下步骤:

• 了解正在连接的设备

• 设备分类

• 将他们分割

• 创建特定的安全策略并持续监控这些设备

当设备连接时, 它必须首先通过网络强制的身份验证过程. The network then classifies the device and assigns it to a virtual segment that is totally independent from other segments of the network. Devices in a network segment cannot see or talk to devices on another segment unless explicitly authorized by routing rules. Devices within a segment are auto provisioned using predefined security and QoS (quality of service) rules for flawless operation. These security policies can be fine-tuned to provide security without hampering the devices’ performance.

The virtual segmentation of the network also prevents a security breach in one part of the network, 比如装监控摄像头的那个, 防止传播到网络的其他部分, 比如一个有销售点系统的. This virtual segmentation can be achieved with techniques like VLAN or service creation using SPB (Shortest Path Bridging).

网络设备安全注意事项

网络IT通常部署解决方案来确保笔记本电脑的安全, but, 他们还需要确保网络交换机和接入点(ap)也是安全的. 由于交换机和接入点有操作系统，它们也容易受到攻击.

Network switches and APs often come with “secret” hardwired names and passwords to enable easy access to manufacturer support and R&D engineers. Unfortunately, it also makes it easy for hackers to access the network through these backdoors. 黑客可以嵌入恶意软件, 利用漏洞或暴露专有和/或机密信息.

一个好的做法是选择使用的网络设备 独立的、第三方的验证和确认(四&V) 分析操作系统(OS)源代码, ensuring best security practices are followed and white box/black box tests are performed to expose vulnerabilities.

Another exploitation technique used by hackers is to identify the memory address where certain open source codes functions reside or where some data is stored so they can create buffer-overflows. 防止这些不必要的入侵的最佳实践是这样做 软件多样化. This is a method where you make it difficult or virtually impossible to find the locations to enter by shuffling the operating system’s memory map of the binary images. This address space layout randomization (ASLR) is done by compiling and redistributing the information making it unpredictable and impossible to hack the system.

你的交换机和接入点供应商保护他们的操作系统吗?

你可能会尽你所能来保护你的网络和商业资产, 但是你也需要依靠你的网络供应商来做同样的事情.

网络攻击的数量和复杂性都在增加，值得你关注. 阿尔卡特朗讯企业, just like you, 他们自己的企业也需要解决这个问题. 考虑到他们对客户和他们自己的业务的重要性, ALE开发了一种多层方法.

对于物联网，ALE的网络解决方案可以自动识别和分类所有设备. It then segments the network for an additional layer of security by providing a way to prevent or contain attacks and then monitors the network continuously.

对于ALE的网络基础设施设备，进行独立的验证和验证(IV)&V)以及软件多样化已经在操作系统中实现. ALE还获得了许多国际和美国认证.S. 提供JITC、NIST、FIPS、NATO和Common Criteria安全认证. 为客户关心原产地的解决方案, ALE提供符合TAA(贸易协定法案)的交换机, 其中包括大多数美国人.S. content.

Security is in ALE’s DNA, which includes many other aspects not even discussed in this article. Take it from the experts…don’t leave any backdoors or other vulnerabilities open to your business through unprotected network switches or poorly secured IoT devices!

Speak with one of our local experts and learn how you too can increase your cybersecurity today.