Cybercriminals are constantly seeking to take advantage of your computer security vulnerabilities. While the goals of these cybercriminals may vary from one to the next (political motives, monetary gain, or just for kicks/prestige), they pose a significant threat to your organization.
Part of protecting your business against modern cyber threats is being aware of the different types of vulnerability that might put your network at risk—and then securing those weaknesses before an attacker can use them. What are some common network security vulnerabilities, and how can you counter them?
Before we dig into security vulnerability examples, it’s important to establish what a vulnerability in computer security is.
What is a Vulnerability in Computer Security?
To put it in the most basic terms, a computer system vulnerability is a flaw or weakness in a system or network that could be exploited to cause damage, or allow an attacker to manipulate the system in some way.
This is different from a “cyber threat” in that while a cyber threat may involve an outside element, computer system vulnerabilities exist on the network asset (for example, a computer, database, or even a specific application) to begin with. Additionally, they are not usually the result of intentional effort by an attacker—though cybercriminals will leverage these flaws in their attacks, leading some to use the terms interchangeably.
The way that a computer vulnerability is exploited depends on the nature of the vulnerability and the motives of the attacker. These vulnerabilities can exist because of unanticipated interactions of different software programs, system components, or basic flaws in an individual program. It’s important to know that vulnerabilities are present in virtually every network—there is no way to identify and address them all because of the incredibly complex nature of modern network architecture.
However, you can significantly reduce your risk of a data breach or similar event by knowing some of the most common network vulnerabilities are and finding ways to address them. Here are a few security vulnerability types to watch out for:
Security Vulnerability Types
Computer security vulnerabilities can be divided into numerous types based on different criteria—such as where the vulnerability exists, what caused it, or how it could be used. Some broad categories of these vulnerability types include:
- Network Vulnerabilities. These are issues with a network’s hardware or software that expose it to possible intrusion by an outside party. Examples include insecure Wi-Fi access points and poorly-configured firewalls.
- Operating System Vulnerabilities. These are vulnerabilities within a particular operating system that hackers may exploit to gain access to an asset the OS is installed on—or to cause damage. Examples include default superuser accounts that may exist in some OS installs and hidden backdoor programs.
- Human Vulnerabilities. The weakest link in many cybersecurity architectures is the human element. User errors can easily expose sensitive data, create exploitable access points for attackers, or disrupt systems.
- Process Vulnerabilities. Some vulnerabilities can be created by specific process controls (or a lack thereof). One example would be the use of weak passwords (which may also fall under human vulnerabilities).
Here are a few specific examples of security vulnerabilities to help you learn what to look for:
1) Hidden Backdoor Programs
This is an example of an intentionally-created computer security vulnerability. When a manufacturer of computer components, software, or whole computers installs a program or bit of code designed to allow a computer to be remotely accessed (typically for diagnostic, configuration, or technical support purposes), that access program is called a backdoor.
When the backdoor is installed into computers without the user’s knowledge, it can be called a hidden backdoor program. Hidden backdoors are an enormous software vulnerability because they make it all too easy for someone with knowledge of the backdoor to illicitly access the affected computer system and any network it is connected to.
For example, an article by Bloomberg highlights a case where a security vulnerability that could be used as a backdoor was left in a manufacturer’s routers. According to the article:
“Europe’s biggest phone company identified hidden backdoors in the software that could have given Huawei unauthorized access to the carrier’s fixed-line network in Italy, a system that provides internet service to millions of homes and businesses… Vodafone asked Huawei to remove backdoors in home internet routers in 2011 and received assurances from the supplier that the issues were fixed, but further testing revealed that the security vulnerabilities remained.”
This software vulnerability in the Huawei routers is concerning because, if used by malicious actors, it could give them direct access to millions of networks.
2) Superuser or Admin Account Privileges
One of the most basic tenets of managing software vulnerabilities is to limit the access privileges of software users. The less information/resources a user can access, the less damage that user account can do if compromised.
However, many organizations fail to control user account access privileges—allowing virtually every user in the network to have so-called “Superuser” or administrator-level access. Some computer security configurations are flawed enough to allow unprivileged users to create admin-level user accounts.
Verifying that user account access is restricted to only what each user needs to do their job is crucial for managing computer security vulnerabilities. Also, ensuring that newly-created accounts cannot have admin-level access is important for preventing less-privileged users from simply creating more privileged accounts.
3) Automated Running of Scripts without Malware/Virus Checks
One common network security vulnerability that some attackers learned to exploit is the use of certain web browsers’ (such as Safari) tendencies to automatically run “trusted” or “safe” scripts. By mimicking a trusted piece of code and tricking the browser, cybercriminals could get the browser software to run malware without the knowledge or input of the user—who often wouldn’t know to disable this “feature.”
While keeping employees from visiting untrustworthy websites that would run malware is a start, disabling the automatic running of “safe” files is much more reliable—and necessary for compliance with the Center for Internet Security’s (CIS’) AppleOS benchmark.
4) Unknown Security Bugs in Software or Programming Interfaces
Computer software is incredibly complicated. When two or more programs are made to interface with one another, the complexity can only increase. The issue with this is that within a single piece of software, there may be programming issues and conflicts that can create security vulnerabilities. When two programs are interfaced, the risk of conflicts that create software vulnerabilities rises.
Programming bugs and unanticipated code interactions rank among the most common computer security vulnerabilities—and cybercriminals work daily to discover and abuse them. Unfortunately, predicting the creation of these computer system vulnerabilities is nearly impossible because there are virtually no limits to the combinations of software that might be found on a single computer, let alone an entire network.
5) Unencrypted Data on the Network
A lack of encryption on the network may not cause an attack to occur—but it does make it easier for attackers to steal data and put it to use. Unencrypted data on the network can be a severe risk for organizations of all sizes.
Although encryption won’t stop an attack, it can deny attackers the ability to put stolen information to use—rendering it into unintelligible gibberish until it can be decoded. This buys time for consumer protection teams to notify affected parties so they can take identity theft countermeasures to avoid harm.
You Can Access Other Security Articles With Comtech2 Security Section