One would have thought the ransomware attack that riddled the city of Atlanta would have done it. But it didn’t. Or maybe the attacks that have hit U.S. airports, county governments, or major manufacturers. But again, it didn’t. However, the point seems to be getting across now.
Better late than never, I suppose.
Memphis Takes Proactive Measures
The city of Memphis has taken it upon itself to file a request for proposal (RFP) for vulnerability penetration testing. Essentially, the city wants a “good hacker” to test its networks and determine where the vulnerabilities are. It would then be the city’s responsibility to resolve those security gaps.
Theoretically, if organizations are practicing proper patch management, these vulnerabilities would be minimal. However, it is clear they are not. For instance, the vulnerability that hackers exploited to infect the city of Baltimore was over two years old, with a patch readily available for years. However, the city’s network operators never installed the patch.
Is This Approach the Right One?
Let’s go back to the RFP. Does this make sense?
Of course, it is great to understand the network’s weak links, but doesn’t it make sense to find a security solution that will thwart these attacks? For whatever reason, the security solutions that consistently fail these organizations are not being held accountable. It is their job, after all, to keep the devices secure and the data within them safe. But they aren’t doing it. Day after day another attack is successfully executed. Why? Because their antivirus is failing them.
Yet, the emphasis is still on patch management. It’s important. Don’t get me wrong. But it’s not the silver bullet to cyber security. Even if all of the operating systems and programs running on the network are completely up-to-date, there are still ways malware can worm its way in. For instance, a malicious email. If employees click on a malicious link that deploys ransomware, it won’t matter how updated your networks are; it can still infect them. That is, unless you’re running a security solution that includes application whitelisting.
Today’s experts, and even the public, believe software vulnerabilities are the security gap in the cyber security industry. They couldn’t be more wrong. It’s blacklist antivirus. The sooner the public and IT professionals understand this, the faster we can begin to properly defend our networks.
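The contrast drawn above between blacklist antivirus and application whitelisting, as an added example that is not part of the original article: a default-allow blocklist and a default-deny allowlist evaluate the same four files. It assumes a simplified model in which both lists match on SHA-256 hashes only, and every file is a constructed byte string.

```python
import hashlib


def digest(data: bytes) -> str:
    """SHA-256 of a file's contents, used as its identity in both lists."""
    return hashlib.sha256(data).hexdigest()


# Constructed byte strings standing in for executable files.
SAMPLES = {
    "payroll_v1": b"constructed: approved payroll client 1.0",
    "payroll_v2": b"constructed: payroll client 2.0, update not yet reviewed",
    "ransomware_known": b"constructed: ransomware build already in signature feeds",
    "ransomware_new": b"constructed: ransomware build repacked, never seen before",
}

# Blocklist: hashes of files already known to be bad.
BLOCKLIST = {digest(SAMPLES["ransomware_known"])}
# Allowlist: hashes of files the administrator has approved to run.
ALLOWLIST = {digest(SAMPLES["payroll_v1"])}


def blocklist_permits(data: bytes) -> bool:
    """Default allow: anything not on the known-bad list may run."""
    return digest(data) not in BLOCKLIST


def allowlist_permits(data: bytes) -> bool:
    """Default deny: only files on the approved list may run."""
    return digest(data) in ALLOWLIST


def compare(samples: dict) -> dict:
    """Return each file's run/deny verdict under both policies."""
    return {
        name: {"blocklist": blocklist_permits(data),
               "allowlist": allowlist_permits(data)}
        for name, data in samples.items()
    }


if __name__ == "__main__":
    for name, verdict in compare(SAMPLES).items():
        row = {k: ("run" if v else "deny") for k, v in verdict.items()}
        print(f"{name:18} blocklist={row['blocklist']:5} allowlist={row['allowlist']}")
```

The never-seen ransomware build runs under the blocklist and is denied under the allowlist; the unreviewed payroll update is denied as well, which is the maintenance cost of default deny.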