Company cybersecurity should be of upmost importance to any organization. Protecting sensitive data and client information is essential to building customer trust. A recent report conducted by the Centre for Internet Security (CIS) has found that many of today’s companies are neglecting simple cybersecurity practices. In the study, named “State of Cyber Hygiene Report”, over 300 Professional I.T. Technicians were surveyed to find out if organizations were adhering to 6 key cybersecurity avenues. Their results are as follows:

1 // Security management of company hardware

Inventory tracking of company hardware is essential to being able to detect suspicious devices that connect to your company’s network – an important part of company cybersecurity. If an attacker is able to connect a malicious device to the company’s server, they will have bypassed a critical aspect of the company’s cybersecurity wall.

The study discovered that a mere 29% of the studied companies keep inventories of 90%+ of their devices. Significantly, the survey discovered that more than half of the companies take between hours and months to discover unregistered devices on the company network.

2 // Security management of company software

Similarly to hardware management, software whitelisting allows for an organization to only allow authorized software to be installed on company-connected devices. The detection of any suspicious or unregistered software will result in an alert. Without this precaution, company computers could be running malicious software completely undetected.

With the proficiency of current-day malware, it only takes minutes of undetected connection for a malicious device to wreak havoc. However, CIS found that only 14% of organizations were able to detect new devices on their network in minutes, leaving the remaining 86% vulnerable to these devices.

3 // Ongoing assessment of vulnerable areas

Organizations should be continuously vigilant for new software vulnerabilities and react promptly in downloading relevant updates. Many historical cyberattack incidents were the result of companies neglecting to update their servers in time, making them vulnerable to threats that were in-fact patched out months before. It is recommended that companies adopt cycles of update-checks on the timeline of days and weeks, rather than months, in order to maximize security.

The study discovered that a majority (56%) of the companies have been keeping up with updates within one week, while the remainder of the companies took over a month to discover and deploy new updates.

4 // Limited administrative access

Administrative accounts have more control over an organization’s computers. Because of this, they are often a major target for cyberattackers. To counteract this, it is recommended that administrative computers are kept disconnected from sectors of the company’s network, to both minimize their vulnerability as well as their control. However, it was found that only 47% of companies are using this method to protect their administrative computers.

5 // Managed configuration environments for company devices

A common avenue for data breaches is a mistake during the set-up of software on new company systems. This is because configuration of these machines is often done in unsecure, unmonitored environments. To counteract this, it is important for the company server to scan for changes in software configuration on a minute-by-minute timeline. However, the study found that a mere 18% of companies were actually adhering to this recommendation.

6 // Ongoing monitoring of company event logs

Finally, it was deemed important for companies to continuously monitor logs of changes and digital activity. This allows for more efficient detection of suspicious or unregistered activity, which may be cause by cyberattack attempts. It was found that an astonishing 54% of studied organizations were not doing any log analysis on their network’s systems.

Strengthen your company cybersecurity and do not fall victim to cyberattack. Become informed and regularly practice these 6 critical cybersecurity measures. Our tech experts at GigE have years of cumulative experience designing, deploying and maintaining cybersecurity strategies. You can learn more about our IT security services here.

With our new 10-for-10 policy, we now offer ten minutes of professional consultation for only CAD$10. Call us at +1 888 366 4443 to get started now!

It has recently been discovered by Check Point researchers that fax machines contain cyber-vulnerabilities that allow attackers to infiltrate your network using only a fax number. Given that many companies today still use fax machines, and that fax numbers are publicly provided contact information, this new exploit poses a major vulnerability concern to thousands of organizations.

The new exploit that abuses this vulnerability has been dubbed “Faxploit” (short for fax exploit), and is believed to affect all fax-capable machines, including fax-to-mail services and all-in-one printers.

To infect the printer, all the attackers need to do is send a malicious fax to the machine. From there, they can gain full control of the device and then further infiltrate the company’s network. In their study, the researchers at Check Point were able to gain control of an HP Officejet all-in-one printer simply by sending an infected fax, and then were able to infect its network with spying software such as ‘EternalBlue’.

Another point of vulnerability that was discovered was through the fax machine’s PSTN phone line connection. Using this, attackers can exploit the machine and gain control of the device without it even being connected to the internet.

Still a Lab Contained Danger

The Faxploit has not been detected outside of the laboratory conditions, reported the Check Point researchers. However, they noted that it will only be a matter of time before other researchers and cyberattackers develop the software for themselves.

The researchers stated that they have already notified HP of the exploit, and the company has since developed and released a patch that has repaired the cyber vulnerability. This update was released on August 1^st 2018, and likely has already been applied to your printer if its update-sequence is set to automatic. However, if your printers’ updates are manually managed, it is important to ensure that the latest software has been installed on it.

The checkpoint researchers have confirmed that the exploit works on HP all-in-one machines, and has therefore prioritized communicating with this manufacturer to develop a fix. However, they believe that the exploit will also work on devices from other manufacturers. There is no word yet from these companies on fixes.

Here are some best practices to keep in mind to protect your organization’s or personal printer from infection:

Firstly, always ensure that your fax machine is running the latest software from its developer. If the automatic update feature is not turned on, manually check if the latest firmware is running. Second, if you do not use the fax features of your all-in-one printer machine, it is beneficial to disconnect it entirely from the PSTN line, eliminating this potential malicious pathway into your network. Finally, if you are unable to completely disconnect your fax machine, use network segmentation to protect critical areas of your network. This strategy involves creating ‘breaks’ in an organization’s network by disconnecting groups of computers from each other. This way, if a segment becomes infected, the infection can be contained more easily.

GigE Solutions can help your company protect its networks from fax exploits by ensuring that all your machine are up-to-date with the latest patches from developers. Contact us at +1 (888) 366-4443 to get started today.