Network Security Threats

Cybersecurity today matters so much because of everyone's dependence on technology, from collaboration, communication and collecting data to e-commerce and entertainment. Every organisation that needs to deliver services to their customers and employees must protect their IT 'network' - all the apps and connected devices from laptops and desktops to servers and smartphones.

While traditionally, these would all live on one "corporate network," - networks today are often just made up of the devices themselves, and how they're connected: across the internet, sometimes via VPNs, to the homes and cafes people work from, to the cloud and data centres where services live. So what threats does this modern network face?

Let's look at them in more detail.

#1 Misconfiguration

According to recent research by Verizon, misconfiguration errors and misuse now make up 14% of breaches. Misconfiguration errors occur when configuring a system or application so that it's less secure. This can happen when you change a setting without fully understanding the consequences, or when an incorrect value is entered. Either can create a serious vulnerability - for example, a misconfigured firewall can allow unauthorized access to an internal network, or a wrongly configured web server could leak sensitive information.

#2 Outdated software

Software and app developers constantly release updates with patches to cover vulnerabilities that have been discovered in their code. Applying patches to fix these vulnerabilities across an organisation's entire network of devices can be time-consuming and complex to implement - but it is essential. If you don't update your software, firmware and operating systems to the latest versions as they're released, you're leaving your network exposed. A vulnerability scanner will give you a real-time inventory of all the software which needs updating, as well as detect misconfigurations that reduce your security, so you can stay as secure as possible.

#3 DoS attack

The previous two threats are usually exploited to breach networks and steal information, but a Denial-of-Service (DoS) attack is meant to shut down your network and make it inaccessible.

This can be done by many means, either with malware, or by flooding the target network with traffic, or sending information that triggers a crash such as requesting overly complex queries that lock up a database. In each case, the DoS attack prevents customers or employees from using the service or resources they expect.

DoS attacks often target websites of high-profile organisations such as banks, media companies and governments. Though DoS attacks don't usually result in the theft or loss of data, they can cost you a great deal of time and money to handle. A properly configured content delivery network (CDN) can help protect websites against DoS attacks and other common malicious attacks.

#4 Application bugs

A software bug is an error, flaw or fault in an application or system that causes it to produce an incorrect or unexpected result. Bugs exist in every piece of code for all sorts of reasons, from improper testing or messy code to a lack of communication or inadequate specifications documents.

Not all bugs are cyber security issues or vulnerable to exploitation where an attacker can use the fault to access the network and run code remotely. However, some bugs like SQL injection can be very serious, and allow the attackers to compromise your site or steal data. Not only do SQL injections leave sensitive data exposed, but they can also enable remote access and control of affected systems. This is just one example of a type of application bug, but there are many others.

Injections are common if developers haven't had sufficient security training, or where mistakes are made and not code reviewed – or when combined with inadequate continuous security testing. However, even when all these things are done - mistakes can still happen, which is why it's still ranked as the #1 threat in the OWASP Top Ten Web Application Security Risks. Fortunately, many types of injection vulnerabilities (and other application level security bugs) can be detected with an authenticated web vulnerability scanner, and penetration testing for more sensitive applications.

#5 Attack surface management

Can you secure your business if you don't know what internet-facing assets you own? Not effectively. Without a complete and updated inventory of internet-facing assets, you don't know what services are available and how attackers can attempt to get in. But keeping on top of them and ensuring that they're being monitored for weaknesses isn't exactly a walk in the park as IT estates grow and evolve almost daily.

When companies try to document their systems, they often rely on manually updating a simple spreadsheet, but between configuration changes, new technologies, and shadow IT, they rarely know exactly what assets they own or where. But discovering, tracking, and protecting all these assets is a critical component of strong security for every business.

A vulnerability scanner is a dynamic, automated tool that can keep track of what's exposed to the internet, and restrict anything that doesn't need to be there - like that old Windows 2003 box everyone's forgotten about, or a web server that a developer spun up for a quick test before leaving the business…

It can also keep a constant watch over your cloud accounts and automatically add any new external IP addresses or hostnames as targets. And it can help with 'asset discovery' when companies need help finding their IP addresses and domains that they don't even know about.

What does this mean for you?

Attackers use automated tools to identify and exploit vulnerabilities and access unsecured systems, networks or data - however big or small your organisation. Finding and exploiting vulnerabilities with automated tools is simple: the attacks listed above are cheap, easy to perform and often indiscriminate, so every organisation is at risk. All it takes is one vulnerability for an attacker to access your network.

Knowing where your vulnerabilities and weak points are is the first and most important step. If you spot your vulnerabilities early, you can address them before an attacker can exploit them. A vulnerability scanner is a cloud-based service that identifies security vulnerabilities in computer systems, networks and software. Vulnerability scanners provide a continuous service that searches for network threats and vulnerabilities - everything from weak passwords to configuration mistakes or unpatched software - so you can address them before attackers exploit them.

Vulnerability management made easy

Intruder's network vulnerability scanner is powered by industry-leading scanning engines used by banks and governments across the world. It's capable of finding over 11,000+ vulnerabilities and focuses on what matters, saving time with contextually-prioritised results. Using noise reduction, it only reports actionable issues that have a genuine impact on your security.

Network Security Threats
Intruder offers a 30-day free trial of their vulnerability scanner

By scanning both your internal and external attack surface, Intruder monitors your publicly and privately accessible servers, cloud systems, websites and endpoint devices. Fewer targets for hackers mean fewer vulnerabilities for you to worry about.

Organisations around the world trust Intruder's vulnerability scanner to protect their networks with continuous security monitoring and comprehensive scanning.


Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post.