Cybercriminals are constantly seeking to take advantage of critical computer security vulnerabilities. While the goals of these cybercriminals may vary from one to the next (political motives, monetary gain, or just for kicks/prestige), they pose a significant threat to your organization.
Part of protecting your business against modern cyber threats is being aware of computer system vulnerabilities that might put your network at risk—and then securing those weaknesses before an attacker can. What are some common network security vulnerabilities, and how can you counter them?
What Is a Vulnerability in Computer Security?
Before we dig into security vulnerability examples, it’s important to establish what a vulnerability in computer security is. To put it in the most basic terms, a computer system vulnerability is a flaw or weakness in a system or network that could be exploited to cause damage, or allow an attacker to manipulate the system in some way.
This is different from a “cyber threat” in that while a cyber threat may involve an outside element, computer system vulnerabilities exist on the network asset (computer) to begin with. Additionally, they are not usually the result of intentional effort by an attacker—though cybercriminals will leverage these flaws in their attacks, leading some to use the terms interchangeably.
The way that a computer vulnerability is exploited depends on the nature of the vulnerability and the motives of the attacker. These vulnerabilities can exist because of unanticipated interactions of different software programs, system components, or basic flaws in an individual program.
Here are a few security vulnerability examples to help you learn what to look for:
1) Hidden Backdoor Programs
This is an example of an intentionally-created computer security vulnerability. When a manufacturer of computer components, software, or whole computers installs a program or bit of code designed to allow a computer to be remotely accessed (typically for diagnostic, configuration, or technical support purposes), that access program is called a backdoor.
When the backdoor is installed into computers without the user’s knowledge, it can be called a hidden backdoor program. Hidden backdoors are an enormous software vulnerability because they make it all too easy for someone with knowledge of the backdoor to illicitly access the affected computer system and any network it is connected to.
For example, a recent article by Bloomberg highlights a case where a security vulnerability that could be used as a backdoor was left in a manufacturer’s routers. According to the article:
“Europe’s biggest phone company identified hidden backdoors in the software that could have given Huawei unauthorized access to the carrier’s fixed-line network in Italy, a system that provides internet service to millions of homes and businesses… Vodafone asked Huawei to remove backdoors in home internet routers in 2011 and received assurances from the supplier that the issues were fixed, but further testing revealed that the security vulnerabilities remained.”
This software vulnerability in the Huawei routers is concerning because, if used by malicious actors, it could give them direct access to millions of networks.
2) Superuser or Admin Account Privileges
One of the most basic tenets of managing software vulnerabilities is to limit the access privileges of software users. The less information and the fewer resources a user can access, the less damage that user account can do if compromised.
However, many organizations fail to control user account access privileges—allowing virtually every user in the network to have so-called “Superuser” or administrator-level access. Some computer security configurations are flawed enough to allow unprivileged users to create admin-level user accounts.
Verifying that user account access is restricted to only what each user needs to do their job is crucial for managing computer security vulnerabilities. Also, ensuring that newly-created accounts cannot have admin-level access is important for preventing less-privileged users from simply creating more privileged accounts.
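One way to run the verification described above on a Unix-style system, as an added example that is not part of the original article: the script lists every account that holds admin-level access and is not on an approved list. The account data is constructed sample input, and `ADMIN_GROUPS` and `APPROVED_ADMINS` are assumptions that each site would set for itself.

```python
# Added example: find accounts with admin-level access that nobody approved.
# PASSWD and GROUP are constructed samples in /etc/passwd and /etc/group format;
# on a real host, read those two files instead.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/bash
svc_backup:x:0:0:backup job:/var/backup:/bin/sh
carol:x:1002:27:Carol:/home/carol:/bin/bash
"""
GROUP = """\
root:x:0:
sudo:x:27:alice,bob
users:x:100:alice,bob,carol
"""
ADMIN_GROUPS = {"sudo", "wheel", "admin"}  # assumption: groups that grant admin rights
APPROVED_ADMINS = {"root", "alice"}        # assumption: the site's approved admin list


def parse_passwd(text):
    """Return (name, uid, primary_gid) for each well-formed passwd line."""
    rows = [line.split(":") for line in text.splitlines() if line.strip()]
    return [(f[0], int(f[2]), int(f[3])) for f in rows if len(f) >= 7]


def parse_group(text):
    """Return {group_name: (gid, set_of_listed_members)}."""
    groups = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) >= 4:
            members = {m for m in fields[3].split(",") if m}
            groups[fields[0]] = (int(fields[2]), members)
    return groups


def audit(passwd_text, group_text, admin_groups=ADMIN_GROUPS, approved=APPROVED_ADMINS):
    """Map each unapproved privileged account to the reasons it is privileged."""
    groups = parse_group(group_text)
    findings = {}
    for name, uid, gid in parse_passwd(passwd_text):
        reasons = ["uid 0"] if uid == 0 else []  # any uid 0 account is a superuser
        for gname in admin_groups & groups.keys():
            ggid, members = groups[gname]
            # Membership via primary GID does not appear in the group's member list.
            if name in members or gid == ggid:
                reasons.append(f"member of {gname}")
        if reasons and name not in approved:
            findings[name] = sorted(reasons)
    return findings


if __name__ == "__main__":
    for account, why in sorted(audit(PASSWD, GROUP).items()):
        print(f"{account}: {', '.join(why)}")
```

Running the audit on a schedule and comparing the result with the previous run also surfaces newly created privileged accounts.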
3) Automated Running of Scripts without Malware/Virus Checks
One common network security vulnerability that some attackers learned to exploit is the tendency of certain web browsers (such as Safari) to automatically run “trusted” or “safe” scripts. By mimicking a trusted piece of code and tricking the browser, cybercriminals could get the browser software to run malware without the knowledge or input of the user—who often wouldn’t know to disable this “feature.”
While keeping employees from visiting untrustworthy websites that would run malware is a start, disabling the automatic running of “safe” files is much more reliable—and necessary for compliance with the Center for Internet Security’s (CIS’) AppleOS benchmark.
4) Unknown Security Bugs in Software or Programming Interfaces
Computer software is incredibly complicated. When two or more programs are made to interface with one another, the complexity can only increase. The issue with this is that within a single piece of software, there may be programming issues and conflicts that can create security vulnerabilities. When two programs are interfaced, the risk of conflicts that create software vulnerabilities rises.
Programming bugs and unanticipated code interactions rank among the most common computer security vulnerabilities—and cybercriminals work daily to discover and abuse them. Unfortunately, predicting the creation of these computer system vulnerabilities is nearly impossible because there are virtually no limits to the combinations of software that might be found on a single computer, let alone an entire network.
These are just a few of the different computer security vulnerabilities that your business might be exposed to at any given time. Do you need help managing your computer vulnerabilities and protecting your business from cybercriminals? Reach out to the team at Compuquip today!