11 October, 2019
Beware VPN users, patch immediately if you are on Fortinet
Article: VPN
Hackers patronized by the government are out to disrupt various international data bases using VPN exploits.
Are your organizational employees used to using Virtual Private Network applications like Fortinet, Palo Alto, or Pulse Secure?
Its time you revamp your official system with the necessary patches and also look out for compromising signals.
Why?
As reported by ZDNet in September,a group of Chinese hackers backed by the state government called the APT5 have been targeting enterprise VPN servers using Fortinet and Pulse Secure products.
But that’s not all.
APT5 may not be the only group targeting VPN servers.
National Cyber Security Centre or NCSC, a faction of UK’s spy agency GCHQ has issued a warning that Palo Alto's Global Protect portal and Global Protect Gateway interface products are also susceptible to such state sponsored hacking onslaught.
NCSC further warns that this kind of cyber disruption attempts have been going on for long and are well extended over sectors like government, military, academic, business, and healthcare.
NCSC further mentions six of the highest-impact vulnerabilities of the products that are being misused by the APT group.However the patches for each of the vulnerabilities are also readily available which are urgently recommended to admins in order to avoid compromise, specially because the exploit code for the bugs are present across the internet.
The hacking mechanism that is followed starts with the VPN shortage allowing intruders to get authentication details which can be of help to connect to the VPN and alter configuration settings or gain a root shell.
In the wake of the attacks the NCSC has provided detailed and product-specific instructions for admins to check for signs of previous exploitation.
According to NCSC organizations violated by state-sponsored hackers should check all VPN settings and services such as email that users connect to the network through a VPN. Organizations should implement two-factor authentication for VPNs and disable unnecessary functionality and ports on the VPN.
Read on to know more about cyber security challenges in the corporate world: www.isoah.com/common-cyber-security-challenges-companies-face.php
Visit here if you want your organization to be secure form hacking: www.isoah.com
