How does having one unsecured or obsolete device on a network make the entire network vulnerable?



Pretend that you have a motel that has both inside and outside doors. You lock all the doors except just one outside door. If someone comes in that one door they can now get into the inside hallway and look around, break stuff and maybe find an unlocked inside door to another room because the room trusted everyone inside.

The unsecured device is that open outside door.

A virus enters one device and from that device the virus can spread to every other machine, since the major point of items on a network is being able to share stuff. In a way it is similar to humans and vaccines and why you want most of the population vaccinated to stop the spread.

In a network, the outer facing layer of security is generally one of your stronger security layers. But when devices on the network communicate with each other, they oftentimes have less security on those communications – it’s assumed that somebody within the organization will be less likely to want to cause problems, since those problems are generally pretty traceable and that means they’ll get caught and prosecuted.

Once an attacker gains access to your network via any device – unsecured or not – they gain two very strong advantages. One, any digital attacks they launch can come from that device, which means they don’t have to deal with any external network security.

But secondly, they gain the ability to pretend to be a legitimate user of the network, which makes tricking people into giving them information or access to things much easier – this is called social engineering. For instance, if I gain access to Bob’s unsecured computer, but Bob is a relatively low level peon in his organization, that’s fine! I just set it up so that every email attachment Bob sends out also happens to install malicious software on any computer that opens the attachment, and now I have access to anyone Bob emails. Eventually I either have access to some information I want, have the access to do something I want, or I can try to trick somebody into doing something I want by pretending to be one of the people I have access to. Maybe I’m pretending to be some VP and I email somebody in accounting telling them to deliver payment to an account for some fake service the company never ordered or received, and by the time the trickery is discovered, I’ve transferred the money somewhere it can’t be recovered from. Maybe I gain access to HR and get a company list of names attached to personal identification data and now I can open a bunch of fake credit cards and order stuff to sell. Or maybe somebody on the network is dumb enough to put something illegal on a work computer and now I have a blackmail target.

It makes it vulnerable because it’s a vulnerability. But at the same time one device doesn’t cancel out every security protocol put in place like others are implying here.

This is why good security has many layers. You don’t just want a firewall, you want restricted access for each user depending on their role, and you want virtually isolated networks for each group of users etc.
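An added example, not part of the original thread, of the layering described above: it models zones and allowed flows and computes how far a compromise of one device could spread under a flat policy, a segmented one, and a segmented one with a single overly broad rule. Host names, zones and rules are constructed, and the model assumes the worst case that every host an intruder can reach can also be taken over.

```python
from collections import deque

# Constructed sample network: host -> zone. All names are hypothetical.
HOSTS = {
    "lobby-printer": "iot",
    "bob-laptop": "staff",
    "hr-workstation": "hr",
    "accounting-pc": "finance",
    "file-server": "servers",
}
ZONES = set(HOSTS.values())

# Flat network: every zone may open connections to every other zone.
FLAT = {(a, b) for a in ZONES for b in ZONES}

# Segmented network: only the flows each role needs (constructed policy).
SEGMENTED = {("staff", "servers"), ("hr", "servers"), ("finance", "servers")}

# Same policy plus one convenience rule letting the IoT zone reach staff PCs.
SEGMENTED_LEAKY = SEGMENTED | {("iot", "staff")}


def blast_radius(start, hosts, allowed_flows):
    """Return the hosts reachable from `start` by hopping host to host.

    A hop from A to B is possible when A and B share a zone or the policy
    allows traffic from A's zone to B's zone. Reachability is transitive:
    each newly reached host becomes a starting point for further hops.
    """
    seen = {start}
    queue = deque([start])
    while queue:
        src_zone = hosts[queue.popleft()]
        for other, dst_zone in hosts.items():
            if other in seen:
                continue
            if src_zone == dst_zone or (src_zone, dst_zone) in allowed_flows:
                seen.add(other)
                queue.append(other)
    seen.discard(start)
    return sorted(seen)


if __name__ == "__main__":
    for name, policy in [("flat", FLAT), ("segmented", SEGMENTED),
                         ("segmented + leaky rule", SEGMENTED_LEAKY)]:
        print(f"{name:24} -> {blast_radius('lobby-printer', HOSTS, policy)}")
```

The leaky variant shows why rules are reviewed as a whole: the printer was never allowed to talk to the file server directly, yet it reaches it through the staff zone.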

Firstly, networks are intricate systems where all devices are interconnected. If one device lacks proper security measures, it becomes an attractive target for cyber attackers. Once compromised, this device can serve as a gateway for attackers to infiltrate the rest of the network. This means that the security of the entire network is only as strong as the weakest device.

Additionally, outdated devices often have known vulnerabilities that attackers can exploit. These vulnerabilities might not have been patched or updated, making it easier for cybercriminals to gain unauthorized access. Once they breach this initial point of entry, they can pivot to other devices within the network.

Another concern arises from the lateral movement that attackers employ. After gaining access to one device, they seek to move laterally through the network to expand their control. Unsecured devices become particularly useful in this scenario, as they offer a starting point from which attackers can explore and compromise other devices, potentially spreading malware and causing havoc.

Furthermore, unsecured devices might unknowingly transmit sensitive data to unauthorized parties. Once compromised, attackers can use these devices to exfiltrate valuable information, leading to data breaches and potential legal and reputational consequences.

Compromised devices can also be harnessed by attackers to launch attacks against other devices or services. This can overload network resources, causing performance issues and disruptions that affect legitimate users.

In essence, the presence of even one unsecured or outdated device on a network can create a domino effect of vulnerabilities. It weakens the network’s overall security posture, making it more susceptible to various cyber threats. Therefore, maintaining robust security practices across all devices is essential to safeguard the integrity and confidentiality of the entire network.