Since its inception in 2004, October has been tagged as National Cyber Security Month by the National Cyber Security Alliance, a non-profit public/private partnership. The charter of the National Cyber Security Alliance (NCSA) is to, empower and support digital citizens to use the Internet securely and safely, protecting themselves and the cyber infrastructure.
Particularly because of our election cycle, cyber security has been front and center in the news, with improper use allegations deluging us from all parts of the political spectrum. As we’ve written before, hackers, like water in a storm, will penetrate your network at the points of least resistance.
One vulnerability we consistently see on corporate networks is remote serial console access for network engineers, aka Out-of-Band Management. Historically companies have used either network connected terminal servers, or simple clear-text modems to allow remote network access to routers, firewalls and switches. Think you don’t have this problem? Ask any operations engineer and you’ll soon learn that you do.
It’s surprising how many businesses of size, control remote access security to core network infrastructure with a public phone line protected by password and ID. It is little wonder that these network trap doors are lightly protected, they are often pinned up by engineers looking for quick, inexpensive remote network access. The real problem with these access points is not that they exist (they are everywhere), but rather that they are nearly always vastly under-secured.
Here’s the good news, there is a solution. The first part of the fix is exposing the problem. If you don’t know, ask your engineers how they reach a router that loses configuration, or access a firewall that is unresponsive. If you don’t know the answer to these simple questions, we implore you to look into it. Even if you rely on a third party to manage you network infrastructure, ask them how they are protecting your network from others gaining access the same way they are for maintenance. It’s no guarantee that you have two-factory security for serial access of core network equipment.
If you’d like some additional information or interested in a product demonstration, please click here to schedule a time for us to meet. We are always happy to share our knowledge and demonstrate how we can be of service.