Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Cyber Attacks
  • Adding visibility to the invisible: securing your automated systems
  • Critical Vulnerability
  • Cyber Attacks
  • Vulnerabilities

Adding visibility to the invisible: securing your automated systems

4 years ago Irfahn Khimji
Adding visibility to the invisible: securing your automated systems

Have you ever dined in a restaurant with a police officer?  When choosing a table, or seating location, law enforcement professionals will often choose the seat that positions them with their back to the wall.  This plays out quite humorously when a group of law enforcement professionals dine together, all racing toward that coveted “protected” chair.  It’s obvious why this occurs.  Law enforcement professionals are trained observers, and any time that their clear view of a room is obstructed, they become uncomfortable.  The same is true with other trained professionals.  A firefighter will often enter a room, noting the exits and occupancy. 

Cybersecurity professionals are similarly observant, aware of systems such as door mechanisms, security cameras, and other vulnerable artifacts of our modern world.  Even a simple elevator ride can be a fascinating experience for a security practitioner.  The average person may wonder what makes these objects a source of fascination for security professionals?  The thought that all of these security controls are connected, and in many cases, automated, piques their curiosity.  Unfortunately, cybercriminals are also interested in these controls.

Automation is everywhere

Think of the last action movie you saw that involved a physical break-in to a secured area. The technology in place to protect those areas usually involved some type of monitoring system. Whether it was an automated door-locking mechanism, or a camera, the first step the criminals always took was to alter the automated system to appear as if it was in a normal state, even if it wasn’t.   One of the most common examples is to force a surveillance camera to display an image of an empty room while the thief is inside that room.  Another example is to force a door locking mechanism to remain unlocked longer than usual, creating an unassisted “tailgating” opportunity.  From a security standpoint, each of these attacks required an unauthorized configuration change to a system.

Automation of a building’s security system can appear in the most unlikely places. Some fire protection systems are set to automatically open and close valves, releasing fire suppressants based on a triggering threshold.  This is vastly different from the earlier heat or pressure activated systems.  Heating and cooling systems for most large buildings are also automated.  Automation is also present out on a city streets, with parking meters that can report usage or expiration notices back to a central system, smart meters to measure electricity usage, or smart snow ploughs to help plan city routes.

When viewed on a small scale, vulnerabilities in all of these systems seem somewhat insignificant. So what if someone extends the time on a parking meter?  It is criminal, but not critical.  However, on a larger scale, these vulnerabilities can have grave consequences if they are exploited. Buildings that require controlled environments, such as chemical storage plants, hospitals, and other sectors of critical infrastructure rely on multiple automated systems to keep everything functioning normally and keep everyone safe.

Adding visibility to the Invisible

Unlike the police officer who rushes to be seated facing the crowd, or the firefighter who notes the exit paths, there is no way to physically observe what is occurring with many automated systems.  Recent incidents that targeted water treatment plants demonstrate the need for better security, as well as better monitoring. This is where Tripwire can help in a couple of different ways.

First, knowing how these systems are configured is key to ensuring everything is functioning normally. When a configuration item changes, Tripwire can help you evaluate whether that change takes the device into an insecure state or not. Tripwire can also help determine if that change was authorized or not by verifying if there was a ticket in your change management system that went through the appropriate change control process.

Second, Tripwire can assist in understanding the vulnerability risk posture of your critical assets. This allows you to make informed decisions of what systems need to be mitigated, patched, or firewalled to prevent unauthorized access. All of this while being able to report on the progress of remediation and risk reduction either with reporting out of the Tripwire toolset or by integrating with your ticketing system.

The key to protecting the invisible is staying invisible. Understanding what risks are in your environment will help you prioritize your time and reduce the impact to your user base, all while ensuring the automated systems continue to function properly, and remain available.

The post ” Adding visibility to the invisible: securing your automated systems” appeared first on TripWire

Source:TripWire – Irfahn Khimji

Tags: Critical Severity, Goverment, TripWire

Continue Reading

Previous Microsoft’s May Patch Tuesday Updates Cause Windows AD Authentication Errors
Next Watch Out! Hackers Begin Exploiting Recent Zyxel Firewalls RCE Vulnerability

More Stories

  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats

2 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users

5 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

eScan Antivirus Update Servers Compromised to Deliver Multi-Stage Malware

8 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm

9 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists

2 days ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

2 days ago [email protected] (The Hacker News)

Recent Posts

  • ⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats
  • Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users
  • eScan Antivirus Update Servers Compromised to Deliver Multi-Stage Malware
  • Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm
  • Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT