Network switch hacking vulnerabilities – the value of encryption certification testing and separated security duties.
200,000 Cisco network switches hacked! Quoting Geetha Nandikotkur for Data Breach Today, “Over 200,000 Cisco network switches worldwide were hacked Friday, apparently affecting large internet service providers and data centres across the world, especially in Iran, Russia, the United States, China, Europe and India, according to an Iranian government official.”
This is not the only reported case of a security vulnerability in network switches and routers being successfully exploited at large scale. In recent years, numerous network devices have proven to be a source of security vulnerabilities, exposing organisations to hacking and damaging cyber-attacks.
Encryption security experts have repeatedly warned enterprises and governments that a key reason to encrypt their high-speed network traffic with dedicated (and certified) encryption products is the persistent vulnerability of network hardware – the switches and routers. This warning is even more compelling when organisations use these network devices as hybrid encryptors – switches/routers with embedded encryption.
The reality is that network switches/routers can expose organisations’ networks to untold damage. When a vulnerability allows an attacker to gain control of the device, the attacker could take control of the network and its data routing, shut down the network and cause enormous business disruption (and expense).
Worse is the case of such a network switch with embedded encryption – relied upon by organisations to protect their data. While the customer believes the network data is safe, the vulnerability may have allowed the attacker to turn the encryption off!
This highlights the benefits of certified high-assurance network data encryption: certification by independent testing authorities, and the high assurance that comes from complete separation of duties.
It is for this reason that security experts recommend dedicated hardware encryptors to protect core IT and network data. Beyond the core infrastructure, data crossing the extended WAN should equally be encrypted by a solution that is separate from the network devices themselves.
“The attack apparently affected 200,000 router switches across the world in a widespread attack, including 3,500 switches in our country.”
About 55,000 devices were affected in the U.S. and 14,000 in China; other victims were located in Europe and India, Azari-Jahromi reports.
The hacker attack on Cisco router equipment apparently exploited a vulnerability in software called Cisco Smart Install Client, which allows hackers to run arbitrary code on the vulnerable switches, according to a blog by Kaspersky Lab.
The hackers apparently reset the targeted devices, making them unavailable for reconfiguration and leaving a message that reads: “Do not mess with our election,” displaying a U.S. flag on some screens, Kaspersky Lab explains.