Is Your Network Haunted by Old Cyber Threats?

November 29, 2018 Eric Dosal

Most business owners, managers, and (especially) IT security teams are well aware that they face a near-constant stream of cyber threats. Every day, malicious actors work to create new attack methods and strategies to steal sensitive data or compromise networks. However, while many businesses worry about current cyber threats, they often forget about older types of cyber threats.

It isn’t always the “zero-day” exploit that causes a network compromise, though. In many cases, the network security breach comes from an old cyber threat that the company forgot about. In fact, according to research cited by CSO Online, zero-days “aren’t even the majority of bugs found” and account for “a little less than 1 percent” of vulnerabilities identified in a year.

Instead, as noted by CSO, based on reports from data collected in 2016, “out of all detected exploits, most came from vulnerabilities dating to 2007.” That means the exploits were nearly 10 years old at the time of detection.

With this in mind, here’s a question for you: Is your network playing host to old cyber threats without your knowledge?

Why Do Businesses Fall Victim to Old Cyber Threats?

So, if old cyber threats are well-known, why is it that businesses so often fall victim to them? In some cases, it’s because cybercriminals take an old cyber threat (usually a malware program) and tweak it to make it unrecognizable to the network security measures that are used to thwart it.

This helps the malware get around antimalware systems, a practice that can be highly effective. As noted in research cited by PCmag.com, “most of the newly detected malware went undetected by nearly half of the antivirus vendors. After two months, one third of the antivirus scanners still failed to detect many of the malware samples.” However, after a few months, the “new” malware becomes a known threat and antimalware software gets updated to compensate.

However, malware programs aren’t the only type of cyber threat that businesses have to contend with. There are also flaws in many software programs that give attackers a potential entry point they can use to breach a company’s network security. When these vulnerabilities and exploits are identified, the software vendor will release a security patch to close the security gap created by that flaw.

The primary reason businesses fall victim to old software vulnerabilities is that they neglect to apply critical security patches to the software programs they use. Thankfully, the fix for this problem is simple: proactively work to audit your business’ software and apply the latest security patches for each.

By keeping your business’ software up to date with the latest security patches, you can avoid having your network compromised by older types of cyber threats that many attackers rely on.
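The software audit described above can be sketched as a comparison of an asset inventory against a patch baseline, listing the longest-available missing patches first. This is an added example, not part of the original article; the host names, product names, versions, and dates are constructed placeholders, and a real baseline would come from vendor advisories.

```python
from datetime import date

# Constructed sample data (placeholders, not real products or advisories).
# Baseline: product -> (first patched version, date the patch was released).
PATCH_BASELINE = {
    "example-webserver": ("2.4.10", date(2009, 3, 1)),
    "example-pdf-reader": ("9.1.0", date(2016, 6, 15)),
    "example-vpn-client": ("5.0.2", date(2018, 10, 1)),
}
# Inventory: (host, product, installed version).
INVENTORY = [
    ("fileserver01", "example-webserver", "2.4.3"),
    ("fileserver01", "example-vpn-client", "5.0.2"),
    ("desktop-17", "example-pdf-reader", "9.0.12"),
    ("desktop-22", "example-pdf-reader", "9.1.0"),
    ("kiosk-03", "example-legacy-app", "1.0"),
]
AS_OF = date(2018, 11, 29)  # audit date used for the sample run


def parse_version(text):
    """Turn '9.0.12' into (9, 0, 12) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))


def is_older(installed, fixed):
    """True if installed < fixed; pads with zeros so '1.0' equals '1.0.0'."""
    a, b = parse_version(installed), parse_version(fixed)
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)) < b + (0,) * (width - len(b))


def audit(inventory, baseline, today):
    """Return (missing, unknown): entries behind the baseline sorted with the
    longest-available patch first, and entries with no baseline at all."""
    missing, unknown = [], []
    for host, product, installed in inventory:
        if product not in baseline:
            unknown.append((host, product))  # cannot be judged automatically
            continue
        fixed, released = baseline[product]
        if is_older(installed, fixed):
            missing.append(((today - released).days, host, product, installed, fixed))
    missing.sort(reverse=True)
    return missing, unknown


if __name__ == "__main__":
    missing, unknown = audit(INVENTORY, PATCH_BASELINE, AS_OF)
    for days, host, product, installed, fixed in missing:
        print(f"{host}: {product} {installed} < {fixed} (patch out {days} days)")
    for host, product in unknown:
        print(f"{host}: {product} has no baseline entry; review manually")
```

Software that appears in the inventory but not in the baseline is reported separately, since unsupported or forgotten programs are where old vulnerabilities tend to linger.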

How Can I Assess My Network for Old Cyber Threats?

Running a network security assessment is an important process for protecting your business from both old and current cyber threats. In most cases, a business will either lean on an in-house team of cybersecurity experts or acquire the services of a managed security service provider (MSSP) to perform this assessment. However, prior to starting the audit, there are a few things that you can do, including:

  • Create a Diagram of Your Network Assets. While there may be unknown assets on your network, you can save the auditor some time and labor by creating a chart showing the overall structure of your network (a.k.a. a network diagram). This chart should list what assets are on your network, how they’re connected, and what protections you have in place.
  • Arrange Meetings between the Auditor and Key Stakeholders in Your Organization. External auditors will need to be able to talk with subject matter experts (SMEs) in your organization to get a complete picture of your cybersecurity policies and procedures. This helps to smooth out the auditing process and save time.
  • Collate Your Cybersecurity Policies into a Single Resource. Collect a list of your company’s various cybersecurity policies, such as password requirements, access controls, incident response plans, bring-your-own-device policies, etc. This gives the auditor an idea of how mature your cybersecurity program is.

Do you need help to assess your network security architecture in order to improve it? Get in touch with a cybersecurity expert from Compuquip today!
