Home / Business & Management / Cyber Security / Advanced Cyber Security Training: Network Security / Patching Everything
Patching Everything
This video discusses the importance of patches and the cycle one should use to ensure all patches are updated to ensure the network is secure.
In this video, we’re talking about patching everything. So why is patching such a big deal anyways? Well, according to a ZDNet article from June 4, 2019, one in three breaches are caused by unpatched vulnerabilities. Flaws are left open for weeks or even longer when fixes exists. Security experts admit leaving organisations at risk - one in three breaches. So anyone remember Equifax a few years ago? Well, Equifax had a major data breach in 2017. Matter of fact, it was one of the largest data breaches ever, if not the largest. So in this data breach, 147.9 million Americans along with 15.2 million British citizens and about 19,000 Canadian citizens were compromised in this breach.
So credit card numbers, social security numbers, all sorts of information got leaked. Now, this was caused because of vulnerability in the Apache Struts that was identified. But it wasn’t initially patched until it was too late.
So the point is, there’s a lot of different breaches out there. There’s a lot of vulnerabilities. We have application vulnerabilities, Adobe issues, patches in 2020 in July, critical security patches for multiple software. To be fair, Adobe releases a lot of security patches for a lot of their software. Zoom recently has been coming up with more and more flaws from - the more that people are using, the more flaws that are being found. Critical bugs and backdoors found in GeoVision’s fingerprint and card scanners - Microsoft constantly releases vulnerability patches. And for the June 2020 security patch, there was 129 vulnerabilities that were patched in that one patch alone, 129 vulnerabilities. And highly critical SAP bug was found.
They could allow attackers to take over corporate servers. These are all really scary things. So it’s not just your operating systems that need to be patched, but also your application software.
So what is the cost if we don’t patch and we end up with a some sort of breach? Well, in the case of Equifax, loss of public trust. Their stock prices dropped. They ended up with a congressional hearing, because there were so many users that had their accounts breached - $700 million settlement for that - and customer’s risk of identity theft. So that’s a lot of people that were potentially exposed for identity theft. So this was all because of CVE-2017-5638. And if you remember the Exploit Database, you all remember what a CVE is in the vulnerability code. So CVE-2017-5638, that was a critical Apache Strut 2.x vulnerability. And that patch was about 65 megabytes.
So let’s think about that - 65 megabytes. That would probably take a corporate network a handful of seconds to download the patch. And even on a bad day, it’d still probably take a couple seconds to actually grab that 65 megabyte vulnerability patch. And that 65 megs, probably not going to take very long to actually install that patch, to actually fix that vulnerability. However, that didn’t happen until it was too late. So we need to start to think about a patch cycle. And we need to start thinking about a patch cycle for a lot of things - your switches, your servers, your wireless access points, your computers.
Anything that has a patch, including application software, you need to think about patching this. So we want to get in some sort of cycle. Now, on workstations, we can do automatic updates. You can set it to automatically update. Now, if you don’t want to, you could always - there’s other software out there. Or you can do a group policy, for example, if you’re on Windows. You could set up a scheduling system to look for an update. Don’t install it yet. Pause a couple days, or even a week, depending on what your situation is. In some medical and financial sectors, they may wait a few days to actually apply a patch, because they want to see if it breaks anything.
If people start reporting that, well, this Microsoft patch, people can’t log in anymore - gives them time to actually fix the update and then download the fixed one and apply the update. Server settings - servers can also be set auto update. Or a lot of times, people will evaluate on a regular schedule when to update these things. Network switches and our hardware should be evaluated and updated on a regular schedule. You might not be able to apply a, say, firewall or core network switch update every week or every month, whatever it is.
However, you should end up in some sort of cycle that you’re going to say, on these dates, we’re going to check if there’s an update for our course, which we’re going to take the network down for this amount of time and we’re going to apply the update, because it needs to be updated. It needs to be secured. And that brings us to emergency patching. We should keep an eye out for critical flaws and that you need to be addressed immediately. This is going to change our update cycle. But it’s also going to be very necessary. If there is something, a critical vulnerability, say, in the case of Equifax, that was a very serious exploit that should have been patched immediately.
But it wasn’t. We need to keep these things in mind. And we need to patch, pause and patch, as necessary. So to prepare ourselves, we can search things like vulnerabilities on Exploit Database. We can subscribe to security newsletters to keep yourselves aware of, what these critical flaws that are coming out that we need to apply immediately? We can manually scan for new patches. And we can actually take a look at what’s going to be in those patches. And we can figure out if we need to apply it right away or not. We could check out the news for security-related issues.
And we could rely on our network security team, if we have one, to let us know when we need to patch it. We need to break that cycle and patch early. So patching is one of the easiest things you could do to prevent an issue.
So this was about patching. Next video, we’re going to be talking about antiviruses and console tools for it. Thank you for watching. I’ll see you in the next video.
This video addresses the importance of patches and the cycle one should use to ensure all patches are updated to ensure the network is secure.
Keeping software updated is an important aspect of a network security strategy. When a security flaw is found in software, the application developer will typically release an update or patch to rectify the security vulnerability. The importance of these patches is discussed in detail, with examples of what can go wrong when patches are not used effectively. Patching software should be a regular activity within your network security strategy.
Reflect and share: While your work network may have a team in place to ensure patches are kept up to date, what can you do with your personal network to ensure security? Share your comments in the section below.
This article is from the online course:
Advanced Cyber Security Training: Network Security
Created by
This article is from the free online
Advanced Cyber Security Training: Network Security
Reach your personal and professional goals
Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.
Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.
