More needs to be done to protect network devices

Tools

Network devices are increasingly coming under attack, as the U.S. Emergency Alert System was found this week to be vulnerable to hijacking by remote attackers. In this case, application servers used to receive the emergency broadcast messages could be accessed by unauthorized users over the Internet--the result of improper SSH encryption key management--which inadvertently exposed it to the public.

Expect more of such news to surface in the future, given the increasing number of devices that are connected to the network, and by extension, to the Internet. Indeed, a senior executive of a security vendor that I've spoken with on an informal basis was already talking about a new wave of security threats against network-enabled devices earlier this year.

After all, a typical office is likely to make use of a wide range of network devices, such as IP phones, network cameras and network printers. This doesn't even include wireless access points, which are typically deployed to support a variety of BYOD devices, such as smartphones and tablets. Within the server closet would be IP-enabled KVM, or Keyboard Video Mouse, UPS, or Uninterruptible Power Supply, and remote power switches equipped with out-of-band access, as well as associated computer servers, network storage devices, managed network switches and routers.

As evidenced by the vulnerability of the U.S. Emergency Alert System, the pervasiveness of connected devices does raise an interesting question about just what could be attacked over the Internet.

On that front, you may be interested to learn that an audit conducted by the Department of Commerce that was released last month revealed how the Economic Development Administration, or EDA, overreacted after receiving a warning from the Department of Homeland Security. You can read more about what happened here, but let's just say the EDA destroyed functional PCs and peripherals, such as keyboards and mice, in its attempt to ensure all malware was successfully eradicated.

While one may be tempted to ridicule the EDA's move, perhaps what they did may not sound so bizarre once you consider that networked printers are also susceptible to malware. Malware may also been demonstrated to infect the BIOS and even the PCI firmware on the motherboard.

Ultimately, it is clear that every Internet-connected device has the potential to be hacked, necessitating better defenses that simply don't exist today. As it is, a lot more needs to be done to protect network devices. Do you have any suggestions as to how this could be done? I look forward to hearing your thoughts - Paul Mah  (Twitter @paulmah)