Concord Technology Group

At Your Service - call 1-866-242-2775

7890 Forest Valley Lane
Concord Township OH, 44077

 

The Calls Are Coming From Inside The Network


For more than two weeks in July, hackers lurked undetected in the networks of hundreds of banks, energy companies and pharmaceutical manufacturers, thanks to a secret back door coded into the operating systems. As Ars Technica reported:

The backdoor, dubbed ShadowPad, was added to five server- or network-management products sold by NetSarang, a software developer with offices in South Korea and the US. … The attack is the latest to manipulate the supply chain of a legitimate product in hopes of infecting the people who rely on it.

Phishing isn't the only way to inadvertently let hackers into your network. Supply-chain and Zero Day attacks exploit unknown weaknesses in software to gain access. In a supply-chain attack, the weakness has been secretly built into the software by someone with access to the source code before its release. A Zero Day vulnerability is an unintended flaw discovered by hackers after release. In both cases, smart attackers who use the weakness to gain access to networks will try to stay undetected for as long as possible, like thieves tip-toeing around a house at night.

This is why we talk a lot about layered defense. There are too many ways into a network to rely solely on firewalls and other measures that block access. You must also be prepared to fight inside your castle walls, so to speak, and that starts with detecting an incursion.

Most hacks and malware will result in signals or data being sent out of the network, and that’s the best opportunity for detecting malicious activity. ShadowPad was discovered “after a Kaspersky Lab partner in the financial industry observed a computer used to perform transactions was making suspicious domain name lookup requests,” according to the Ars Technica report. “The resulting investigation ultimately uncovered the malicious module that was added to the NetSarang products.”
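The kind of signal described above, a machine making domain lookups it does not normally make, can be checked against DNS resolver logs. The following is an added example, not part of the original article or of any vendor's product; the log format, IP addresses, domain names and the 3.5-bit entropy threshold are constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed sample resolver logs: "<timestamp> <client_ip> <queried_name>"
BASELINE_LOG = """\
2024-01-08T09:00:01 10.0.5.21 mail.example.com
2024-01-08T09:00:04 10.0.5.21 updates.example.net
2024-01-08T09:01:10 10.0.5.34 intranet.example.com
2024-01-09T09:00:02 10.0.5.21 mail.example.com
"""
TODAY_LOG = """\
2024-01-10T09:00:03 10.0.5.21 mail.example.com
2024-01-10T02:13:40 10.0.5.21 xqzkvjwpfhbtmr.example.org
2024-01-10T09:02:11 10.0.5.34 updates.example.net
2024-01-10T09:05:00 10.0.5.34 intranet.example.com
"""

def parse(log):
    """Yield (client_ip, queried_name) from whitespace-separated log lines."""
    for line in log.splitlines():
        fields = line.split()
        if len(fields) == 3:          # skip blank or malformed lines
            yield fields[1], fields[2].lower().rstrip(".")

def registered_domain(name):
    """Assumption: last two labels; production code needs the Public Suffix List."""
    return ".".join(name.split(".")[-2:])

def entropy(text):
    """Shannon entropy in bits per character; random-looking labels score high."""
    counts = Counter(text)
    return -sum(c / len(text) * math.log2(c / len(text)) for c in counts.values())

def build_baseline(log):
    """Map each client to the set of domains it normally looks up."""
    seen = defaultdict(set)
    for client, name in parse(log):
        seen[client].add(registered_domain(name))
    return seen

def flag_lookups(log, baseline, entropy_threshold=3.5):
    """Return alerts for domains a client has never queried before."""
    alerts = []
    for client, name in parse(log):
        if registered_domain(name) in baseline.get(client, set()):
            continue                  # this host looks this domain up routinely
        score = entropy(name.split(".")[0])
        severity = "high" if score >= entropy_threshold else "review"
        alerts.append((client, name, round(score, 2), severity))
    return alerts
```

A first-seen domain alone only earns a "review" rating, since a host legitimately contacts new services; the random-looking name is what raises it to "high".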

Sophisticated network-monitoring systems can detect unusual traffic that would otherwise probably go unnoticed, even by the most careful IT team. This can also be handy for preventing inside jobs. For more information about protecting your network, contact Concord today.