Why Is Patching So Important For Cybersecurity?
The Importance of Software Updates for Protection
One of the simplest yet most critical steps in protecting your computers from cyber threats is ensuring that they are running the latest patch updates from developers. Microsoft has reported that only 1/3 of Windows 10 computers have applied the update that it released on April 30th, 2018. This leaves 450 million systems still running an out-of-date version of the operating system.
Patches contain more than bug fixes and performance improvements; they often fix newly discovered vulnerabilities in the software. Despite this, many organizations delay applying patches for months after they are released, exposing their data to potential attack.
Furthermore, cyberattacks often do not need to be targeted at specific organizations. Instead, attackers can automate a scan of the internet to locate all systems running older, vulnerable versions of a particular piece of software. After identifying these systems, they can then infect them with malicious software.
Therefore, it is essential that you keep your organization’s computers up to date with the latest patches in order to protect them from cyberattack.
Major Incidents Caused by Neglected Updates
In April 2017, the hacker group Shadow Brokers leaked a cyber vulnerability used by the U.S. National Security Agency, which allowed attackers to lock up files on hundreds of thousands of computers. The vulnerability, named “EternalBlue”, was exploited by malicious software called WannaCry. Microsoft reported that it had in fact released the patch protecting against this vulnerability a month prior to the event. However, many organizations neglected to apply the update and were therefore left vulnerable to the attack.
This incident was an example of an opportunistic, rather than targeted, attack. Instead of focusing their efforts on specific organizations, attackers scan for unprotected computers and target those vulnerable to their malware. Rendition researchers demonstrated this automation process during their efforts to find out how many computers had been impacted. By mass-distributing ‘pings’ that were sensitive to the DoublePulsar malware, they were able to locate systems impacted by this virus. However, while Rendition used this strategy to identify infected computers, attackers can likewise use it to discover vulnerable PCs. This was the case in another incident involving the SamSam malware, which affected computers running outdated versions of Jexboss software.
In another incident, in September 2017, credit reporting agency Equifax reported that close to 150 million consumers located in the US, Canada, and UK had their data compromised because of the delayed update of software it used called Apache Struts. The vulnerability allowed attackers to gain control of the affected computers.
As Microsoft had, Apache released a statement noting that the vulnerabilities had been identified and patched in March of that year. In fact, the U.S. Computer Emergency Readiness Team (US-CERT) had also released an announcement that same month, urging users to update their Struts software to newer versions.
Learning from these incidents, it is clear that keeping up with patches is an essential step in protecting your computer against new cyber threats. This is the case not only for operating systems such as Windows, but also for much open-source software such as Apache. In fact, Black Duck found that 78% of open-source codebases, which now often make up the majority of software, contained cyber-vulnerabilities.
At GigE, our experts can help your organization ensure that it is running the latest patched software, to maximize protection of your sensitive data. Contact us at +1 (888) 366-4443 to get started today.