White hat hacker illustrates how vulnerabilities can give unwanted access into your environment
While patching vulnerabilities may seem like a basic component of any organization’s information security plan, many organizations often overlook this important step.
Hackers know this and are quick to search for exploits not long after vulnerabilities are discovered. Did you know that while it takes an average organization almost 200 days to patch a vulnerability, nearly half of all exploits happen 10 to 100 days after a vulnerability is published?
A recent co-presentation between GuidePoint Security and BMC takes a look at challenges vulnerabilities create for operations and security teams, explores how attackers use these vulnerabilities to exploit their way into environments, and discusses tools to quickly prioritize remediation and build a defense.
In “Hack to the Basics,” Brian Brush, regional partner with GuidePoint, says operations and security teams must do more work to bridge the gap between them.
“Most organizations still struggle with this,” he said.
Among the challenges are manual processes teams often use to find vulnerabilities.
“Hackers are already automated,” Brian said.
Seth Corder, automation specialist with BMC, emphasized Brian’s point by saying known vulnerabilities are often how attackers get into environments.
“They are looking for the easy stuff,” Seth said, adding that 80 percent of the potential attack surface is known vulnerabilities, even though 99.9 percent of the time there is a solution to fix them.
Automation tools like BMC’s BladeLogic Threat Detector can do just that.
Brian and Seth encourage operations and security teams to remember the value of fundamentals. Patch both internal and external vulnerabilities and focus on remediation. With a solid strategy for vulnerability hunting and patching, teams can direct their attention to making it harder for attackers to enter an environment and cause damage.
To see the full presentation and learn more about how vulnerabilities are a risk to your organization’s overall security, check out the video on BMC’s YouTube channel.
When an attacker breaches the perimeter
Victor Wieczorek, GuidePoint managing security consultant, is a white hat hacker who knows firsthand how easy it is to exploit systems where vulnerabilities are not patched and remediated.
In the same presentation with BMC, Victor demonstrates how quickly attackers can gain access to vulnerable systems.
“Hackers look for openings,” he said, clarifying they go after the easy things, like known vulnerabilities, first.
In a hands-on demonstration, Victor explains how, with a few scripts and automated tools, he can access a system where a vulnerability remains unpatched, long after a fix is available.
Attackers use the same vulnerability and automated scanning tools as security teams, Neil Parisi, BMC principal software consultant, said. Playing the role of the “good guy” in the demonstration, Neil says it’s a race to the finish line between security/operations teams and attackers.
“Can you patch before they penetrate?”
In part two of the video series, “Hacker Breaches the Perimeter,” Victor uses easily downloadable and free tools to successfully access the demo environment, while Neil shows how BladeLogic can quickly patch and repair the vulnerability.
But, like most tenacious hackers, Victor doesn’t give up. Using information obtained before detection of the vulnerability, he moves on to secure a username and credentials for part three, “Breached! Hacker Moves on to Exploit the Center.”
In the fourth and final part of the video series, “Hacker Goes for Admin Rights,” Victor continues to move around in the environment undetected. How does he do it? By using the username he detected in the previous exploit and gambling that the user had the same password for multiple systems. The result? Victor gains admin credentials and masks his malicious activities as those of an approved user. Watch the full video to find out how much access Victor gets as he exposes vulnerabilities and how the BMC team uses BladeLogic to stop the attack.
About GuidePoint Security
GuidePoint Security LLC provides innovative and valuable cyber security solutions and expertise that enable organizations to successfully achieve their mission. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and its classification is with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.
About BMC
BMC is a global leader in innovative software solutions that enable businesses to transform into digital enterprises for the ultimate competitive advantage. Its digital enterprise management solutions make digital business fast, seamless, and optimized from mainframe to mobile to cloud and beyond. BMC digital IT transforms 82 percent of the Fortune 500 and serves more than 10,000 customers worldwide. For more information, visit www.bmc.com.