Most of the computer users in Zambia are very well aware of viruses and the damage these programs have caused. Earlier in cyber security the actors high targeted devices have been laptops and computers. As a result the users are now more cautious taking steps to safeguard their precious computers and data. But their is one area completely sidelined most users even by Network Admins and that is the Network infrastructure devices and security.
Network infrastructure devices are ideal targets for malicious cyber actors. Most or all organizational and customer traffic must traverse these critical devices. This causes more concern and we are now seeing several incidences of hackers targeting the network devices to get access to the final peace.
Here is an advice write up from US Certs introducing the network devices and the security surrounding them.
Why Network Infrastructure Devices are Critical
An attacker with presence on an organization’s gateway router can monitor, modify, and deny traffic to and from the organization. Also an attacker with presence on an organization’s internal routing and switching infrastructure can run havoc. The attacker can monitor, modify, and deny traffic to and from key hosts inside the network.
The attacker also leverage trust relationships to conduct lateral movement to other hosts.
Organizations and individuals that use legacy, unencrypted protocols to manage hosts and services, make successful credential harvesting. They make it so easy for these malicious cyber actors. Whoever controls the routing infrastructure of a network essentially controls the data flowing through the network.
What are network infrastructure devices?
Network infrastructure devices are the physical components of a network that transport communications needed for data, applications, services, and multi-media. These devices include routers, firewalls, switches, servers, intrusion detection systems, domain name systems, and storage area networks.
What security threats are associated with network infrastructure devices?
Network infrastructure devices are often easy targets for attackers. Once installed, many network devices are not maintained at the same security level as general-purpose desktops and servers. The following factors can also contribute to the vulnerability of network devices:
- Few network devices—especially small office/home office—run antivirus, integrity-maintenance, and other security tools that help protect general-purpose hosts.
- Manufacturers build and distribute these network devices with exploitable services, which are enabled for ease of installation, operation, and maintenance.
- Owners and operators of network devices often don’t change vendor default settings, harden them for operations, or perform regular patching.
- Internet service providers may not replace equipment on a customer’s property once the equipment is no longer supported by the manufacturer or vendor.
- Owners and operators often overlook network devices when they investigate, look for intruders, and restore general-purpose hosts after cyber intrusions.
Improve Network Infrastructure Security
- Secure Access to infrastructure devices
- Segment and Segregate network functions
- Separate physically any sensitive information
- Create Vlans and seperate networks from the same
- Limit unnecessary lateral communication
- Validate integrity of hardware and software in your infrastructure