Endpoint Vulnerabilities Can be Costly
As endpoint vulnerabilities have resulted in huge losses evident from recent data breaches, endpoint protection is growing in importance.
The 2017 State of Endpoint Security Risk Report reveals that 69% of companies believe that endpoint security risk to their organizations has significantly increased over the past 12 months, while only 36% have the adequate resources to address the risk. It takes an average of 100 to 120 days to patch endpoint vulnerabilities, which is incredibly dangerous because the probability of a vulnerability being exploited hits 90% between 40-60 days after discovery. Additionally, many enterprises have critical vulnerabilities that remain unpatched, leaving a window of opportunity for bad actors to exploit the endpoint vulnerabilities.
As cyber attacks evolve, Endpoint Protection with powerful and updated Endpoint Security features is necessary for every software stack. This article delves into the Heartbleed Vulnerability, one of the many bugs that can be pinpointed and eradicated with proper endpoint protection.
The Heartbleed bug is a flaw in the OpenSSL method of data encryption used by an overwhelming amount of websites, which was accidentally put into the code by German programmer Robin Seggelmann in 2012. OpenSSL utilizes a function known as the ‘heartbeat option.’ When visiting a website that encrypts data using OpenSSL, the computer sends and receives messages to check whether both their PC and the server are still connected periodically. As a result of an error code, the Heartbleed bug allows hackers to send trick heartbeat messages, which can fool a site’s server into relaying sensitive data that is stored in its RAM.
Hackers broke into the computer systems of Community Health Systems, Inc. (CHS), making it one of the highly publicized data breaches in U.S. history. Community Health Systems is one of the largest hospital organizations in the country with a network of 206 hospitals in 29 states. The hackers made off with sensitive personally identifiable information (PII) of over 4.5 million patients. It was the first known massive cyber attack leveraging the Heartbleed vulnerability to gain credentials to a Juniper Networks device.
CHS discovered the Heartbeat Vulnerability in April 2014. Patches were released, and security alerts advised affected parties to revoke and reissue encryption keys, while IT teams simultaneously prompted users to change their passwords. The entire network was finally updated in August 2014, four months after the breach. This four months left an inordinate amount of time for bad actors to continue exploiting the bug.
Heartbeat Bug is a serious vulnerability that affects a reported 70% of the internet, as OpenSSL is the most used and widely popular open source cryptographic library and transport layer security (TSL) implementation to encrypt traffic. Many of the websites that we visit daily could be using vulnerable OpenSSL.
Managing Endpoint Vulnerabilities
Cybersecurity increasingly ranks at the top of the minds of board members, key stakeholders, governments and end-users alike. In today’s technological landscape, companies must act fast to protect the data of their end users by creating an endpoint vulnerability management plan. A lack of visibility into potentially infected endpoints across the enterprise makes managing endpoint vulnerabilities a difficult task.
IT departments have a lot of factors to juggle, from stakeholder management to creating software with consumer-friendly product design, organizing sprints across global teams, prioritizing updates, gathering feedback… the list goes on. IT teams simply do not have the capacity to hunt and extinguish all possible endpoint vulnerabilities manually. The National Cybersecurity FFRDC, in cooperation with the National Cyber Security Division of the United States Department of Homeland Security, comprised a public list of 16,555 Common Vulnerabilities and Exposures. It is humanly impossible to preempt all possible bugs without the use of endpoint vulnerability management tools.
Manage Endpoint Vulnerabilities with Accelerite Sentient
Accelerite Sentient is a real-time Endpoint Security solution that gives IT teams the tools to search for and remedy endpoint vulnerabilities quickly. Once logged into the Endpoint Protection platform, IT staff can search queries in freeform text format and fire specific queries to unearth and remediate hidden issues within seconds. Approved unanimously by board members, the information from each search is classified and presented in an interactive visual and graphical format with drilldowns for IT to immediately highlight security shortcomings and quickly address them. Click here for more information about our Endpoint Protection Solutions. Click here to schedule a demo.
Further Reading – Accelerite Delivers Unified Management