Access control is a security process that regulates a user’s ability to connect to different systems or networks. While technology has made these systems more accessible, it has also given attackers additional ways to penetrate our networks. This discussion provides examples of how attackers are now hacking access control systems and, in turn, gaining access to enterprise networks.
ZDNet recently published an article about a cyber-attack that targeted building access systems to deliver a DDoS attack. According to an Applied Risk security advisor, the issue arose because Nortek Security & Control (NSC) failed to provide appropriate patches. It is not uncommon for these access control systems to be targeted, since attackers are aware of the vulnerabilities and hunt for these weak points.
Attackers become aware of vulnerabilities by continuously scanning access control systems to identify and then exploit them. One of the most common vulnerabilities, CVE-2019-7256, can be exploited remotely, even by a low-skilled hacker (i.e., DDoS botnet operators).
The CVE was identified in January of this year, but attackers are still succeeding at a steady rate. There are approximately 10,000 attacks taking place daily against these systems.
The countermeasures I recommend include, but are not limited to, patches, an updated firewall, and VPN protection. NSC systems are tempting targets because they had over ten security bugs last year. Don’t be the cybersecurity professional with their head in the sand. Verify your countermeasures, make sure you are clear on possible vulnerabilities, and confirm that you have taken appropriate measures to reduce the attack surface.