Like a scene from a horror movie: you slam the door in the face of the “bad guy” and lock it, only to have him come rushing in the backdoor, with a chainsaw… Okay, so not exactly like a horror movie, but backdoor vulnerability may be putting your organization at risk if you don’t have the proper cyber security intelligence info-structure set up. Lock the entrances before your business gets hacked to pieces.
What is “Backdoor Vulnerability”?
A backdoor is a little bit what it sounds like. It’s an alternate route into a computer system, but also generally unknown and virtually undetectable. In some cases, a backdoor is intentionally installed (more on that later). In most cases, a backdoor comes about unintentionally.
Some common ways you ended up with backdoors:
• Your computers and other devices have backdoors. In a recent headline, a Microsoft security vulnerability leaked online. Microsoft released a patch, but the ‘Interweb’ is ablaze with discussion about backdoors as a result.
• You give god-like privileges to IT professionals. In many companies, IT personnel have blanket access to all devices and data. While password assistance, remote access and so on might be necessary IT functions, widespread access places your organization at risk (cybercrime is often an inside job).
• You have a “master password.” In many organizations the system operator password is the same at all levels and allows complete access to all devices and data.
• You operate like clockwork. Having set tasks that operate at specified times may actually cause additional risk to your organization. For example: a tape backup (with privileged access) executes at a specified time. A hacker or other cybercriminal could interfere and gain access to your most sensitive data.
• You have patches that only handled a current situation, but created others. Often IT solutions are quickly patched together to handle an immediate problem, without thorough investigation into the backdoor possibilities of the patch itself. What’s more, such patches might become obsolete (therefore unmonitored), yet still accessible, leaving access points to someone with malicious intent.
Keep in mind that any of your data may be accessible through such a backdoor: customer information, financial records, employee records, etc.
Setting up Cyber Security Intelligence – What Can You Do?
Just like your accounting practices, with side-checks and independent audits, IT vulnerabilities can largely be abated just by having sound policy. At a minimum, your policy should include:
• Layered passwords, so that no single password has complete access to operations, data and network procedures.
• Personnel checks and balances. Consider who needs access to what in your IT department and executives, particularly remote access which may have greater vulnerability.
• Keep up with software updates and insists all company employees do the same. As vulnerabilities are made known, companies attempt to quickly release patches, hoping to best would-be attacks. Software updates need to be internally understood as more than just feature changes.
• Have your current system reviewed for common security flaws, such as known backdoor vulnerabilities.
• Review your internal cyber security policy (or establish one, if you have not yet), including your employee reporting and accountability procedures, so that you are better protected against internal attack. (Keep in mind that many internal attacks are unintentional).
• Use cyber threat intelligence feed monitoring. By monitoring the feeds from multiple resources, cyber feed monitoring keeps you ahead of the game. You have access to data before an update is even broadly release, thereby potentially avoiding zero-day exploits. Cyber threat monitoring follows business and government data sources to better protect your organization.
Given the broad number of methods available to hack most any business, it is safer to assume that you are vulnerable to backdoor attacks, then take the steps to mitigate such risk.