Cybercriminals are strategic and always looking for new ways to attack your business. Companies are facing more threats as the internet becomes increasingly accessible. As more businesses move to remote models and increase their device usage, entire networks are left vulnerable.
At vTECH io, we have found that 41% of cyber attacks happen to businesses through vulnerabilities in internet-facing devices. This makes it number one on our list of the most common cyber attacks businesses face.
Internet-facing devices are devices that have open access to the wide internet. It acts as a host for entry into a network. These Internet-facing devices can include, “any system that is globally accessible over the public internet (i.e., has a publicly routed internet protocol (IP) address or a hostname that resolves publicly in DNS to such an address) and encompass those systems directly managed by an organization, as well as those operated by a third-party on an organization’s behalf.” Internet-facing applications also create vulnerable entryways for hackers.
It is crucial to become aware of the issues facing your internet-facing devices and patch up those vulnerabilities to secure your infrastructure against potential cyberattacks.
Why do internet-facing devices leave businesses vulnerable?
Internet-facing devices may include hardware and software that leave open doors to cyber actors. Cybercriminals can use internet-scanning public services to find web-based human-machine interfaces (HMI) exposed to the internet. If they are password protected, they will push their way through, but many times these devices are left without a password. This leaves HMIs even more vulnerable to infiltration and attack.
Another big vulnerability for businesses is the increased number of remote workers. Workers are using more internet-facing devices, systems, and applications to access their work from home. While some applications may be accessed internally, many businesses operate using a large number of external applications and systems. These internet-facing systems are essential for communicating with customers and for employees to access their work remotely.
Examples of internet-facing applications include remotely accessible services, cloud applications, internet-facing firewalls, SSH gateways, VPN gateways, web and mobile applications, and web servers.
Cybercriminals know that businesses don’t keep up with all of their internet-facing devices. They make easy targets because they are not protected or monitored as closely. Cyber actors can get in and wreak havoc on your network. Thankfully, there are several ways you can protect your business from an attack.
How to Prevent an Attack
The biggest way to prevent someone from attacking your internet-facing devices is to be proactive. Following protocols to successfully protect your vulnerable devices can save your business a large amount of time and money.
It is important that your organization has a detailed understanding of the internet-facing devices used throughout. Without this, it is much harder to asses risk, find vulnerabilities, and set up proper protection. Once internet-facing devices are accounted for and managed, the next step would be to implement patch and configuration management policies.
Recommendations from Microsoft
Microsoft released suggested actions to take to protect your business’s internet-facing devices.
These suggestions include:
- Apply patches, change default passwords, and default SSH ports on all devices.
- Eliminate unnecessary internet connections and open ports.
- Restrict remote access by blocking ports, denying remote access, and using VPN services.
- Use an IoT/OT-aware network detection and response (NDR) solution, and a security information and event management (SIEM)/security orchestration and response (SOAR) solution to monitor devices for unauthorized behaviors.
- Segment networks limit an attacker’s ability to move laterally and compromise assets after the initial intrusion.
- IoT devices and OT networks should be isolated from corporate IT networks through firewalls.
- Make sure ICS protocols are not exposed directly to the internet.
Although this list of suggestions is robust, the work up front may protect your entire network from a major breach.
Recommendations from CISA
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released an article on remediating vulnerabilities for internet-accessible systems.
In this article, they list these four actions to take to remediate vulnerabilities.
- Ensure Your Vulnerability Scanning Service is Scanning All Internet-Accessible IP Addresses
- Notify the Scanning Service of Any Modifications to Your Organization’s Internet-Accessible IPs.
- Ensure the Scanning Service Provides At Least Weekly Scanning Results
- Coordinate with System Owners to Remediate Vulnerabilities
These different suggestions for safeguarding your internet-facing devices can help you create a more secure infrastructure for your business.
How to Further Protect your Business
Hackers are strategic and looking for the biggest “bang for their buck.” Meaning they are looking for the easiest target that will get them the biggest return. As our businesses change and advance, these cyber actors advance with them. That’s why your network’s safety is one of our biggest priorities. We value your safety and the safety of everything you’ve worked so hard for.
vTECH io is here to partner with you to protect your infrastructure and secure your networks. We offer vCyberguard, our enterprise security solution. We will help you find vulnerabilities in your internal and external networks and create a customizable solution to fit your network’s needs. You can download the vCyberguard brochure here.
To start protecting your businesses against cyberattacks today, click here, fill out the form, and we will do the rest.