What Threat Vectors Do Malicious Actors Target?
Open or unsecured
ports offer a low effort, high return on investment threat vector for most
malicious actors. Ports act as the gatekeepers to your IT systems, giving
physical devices access to external devices such as connected printers or
on-premises servers. In other words, even though these access points may be
located in your physical buildings, they create a threat vector by using the
internet so that devices can “talk” to one another.
Why do malicious actors target ports?
Ports provide an electronic entryway
into your systems, software, and networks because they allow devices to create
the two-way communication paths through which data travels. Often, attackers
insert malware or ransomware into devices using these ports. Once the malware
infects one device, it can spread to all devices connected to the network.
Some ports provide malicious actors
with an exit strategy. Malicious actors can gain access to your data, but they
need a way to download the information. When these ports lack security controls,
malicious actors can manipulate the data, send it to their own servers using
the port, and then translate it back to readable form.
The primary problem with ports is that
they require organizations to configure them as part of the security control process. Unfortunately,
organizations often use vendor-supplied passwords or other built-in
configurations. Since the malicious actors know the vulnerabilities and
vendor-supplied passwords, misconfigured ports become a threat vector.
Comments
Post a Comment