The news is filled with headlines announcing one data breach after another as both financially and socially motivated hackers worm their way into private networks. A data breach can create chaos in any size organization, with major financial repercussions, not to mention the impact on a company’s brand reputation as well as its customers’ trust and loyalty.
Every data breach is different, but there is one common factor that many of them share: a remote access service or tool was used to infiltrate the network.
In the Verizon 2012 Data Breach Investigations Report, remote access services again claimed the number one spot on the list of top pathways leveraged by hackers, used in 88 percent of hacking attacks. The report specifically calls out legacy point-to-point solutions (such as VNC and RDP), as the most common tools used by hackers. The report also mentions that 81 percent of data breaches in 2011 involved some form of hacking, up 31 percent from the previous year.
Chris Porter, a principal of Verizon’s RISK Team, reiterated findings of the report and offered data breach defense tips in a recent podcast interview with Healthcare Info Security. Porter noted that overlooking basic threat defenses is how many companies are putting themselves at risk. In discussing the industrialization of attack styles from organized crime, Porter notes:
“They're looking for specific remote access services that are available and are Internet-facing. They try default credentials, and if they find them, then the tool will automatically install malware. Typically, it's a key logger and the key logger can be preconfigured to automatically collect data and then send that data out and back to the attacker, either through uploading it to a website or putting it out on an FTP server or even e-mailing it to a specific e-mail account. At that point, the attackers can aggregate the data and they put it on the black market and sell it, or they can turn it over to another part of their organization for converting it into some type of cash. This particular type of style is increasing. It's intensified from last year, so I think that's behind some of the increase in the number of attacks.”
Part of this open-door risk is due to many organizations continuing to use the same, outdated tools to access and fix remote computers and servers. These tools provide basic, point-to-point connections to systems within their organization that allows IT support technicians to remotely access and fix them as if they’re in the same room. Many of these solutions lack modern security features, creating a laundry list of vulnerabilities that feed hacker’s appetites, including open listening ports that become the backdoor that hackers use to let themselves into your network.
If security is a top priority for your organization and if you are concerned about your remote support solution letting intruders in, check out Bomgar’s new whitepaper, Close the Door on Hackers with Secure Remote Support, which outlines how to protect yourself against hackers. Download it today and learn more on how to keep your network safe!