SIMILAR ARTICLES:

Proposing a 'Declaration of Digital Independence'

5G Is Here—and Still Vulnerable to Stingray Surveillance

Planning an ocean observation network

Cyberspies Hijacked the Internet Domains of Entire Countries

UK Has a Plan to Corral Huawei. But Security Concerns Linger

A Peek Into the Toolkit of the Dangerous 'Triton' Hackers

A Boeing Code Leak Exposes Security Flaws Deep in a 787's Guts

Hackable Cisco Phones, a Locust Invasion, and More News

A New Breed of ATM Hackers Gets in Through a Bank’s Network

A Guide to LockerGoga, the Ransomware Crippling Industrial Firms

An Operating System Bug Exposes 200 Million Critical Devices

Microsoft’s First Windows XP Patch in Years Is a Very Bad Sign

How a Google Cloud Catch-22 Broke the Internet

One Small Fix Would Curb Stingray Surveillance

A Likely Chinese Hacker Crew Targeted 10 Phone Carriers to Steal Metadata

Computers Are Learning to See in Higher Dimensions

When Facebook Goes Down, Don't Blame Hackers

How a 10-Year-Old Desk Phone Bug Came Back From the Dead

Facebook Removes Accounts With AI-Generated Profile Photos

An Alphabet Moonshot Wants to Store the Security Industry's Data

Cisco Flaws Put Millions of Workplace Devices at Risk

Workplace phones and routers have a long , storied history of very bad vulnerabilities. Now it's time again to add to the list: Researchers say that a crop of recently discovered flaws in Cisco enterprise products—like desk phones, web cameras, and network switches—could be exploited to penetrate deep into corporate networks. Because Cisco dominates the network equipment market, the bugs impact millions of devices.All software has flaws, but embedded device issues are especially concerning given the potential for espionage and the inherent complexity of patching them. These particular vulnerabilities, found by the enterprise security firm Armis, can also break out of the "segmentation" that IT managers use to silo different parts of a network, like a guest Wi-Fi, to cause widespread issues. Attackers could target a vulnerable Cisco network switch—which moves data around an internal network—to intercept large amounts of unencrypted, internal information and move between different parts of a target's system. Attackers could use related flaws, also disclosed by Armis, to attack batches of Cisco devices at once—like all the desk phones or all the webcams—to shut them down or turn them into eyes and ears inside a target organization.

READ ALSO:

Inside the ‘Black Box’ of a Neural Network

By inserting a postage-stamp image of a baseball, they found they could confuse the neural network into thinking a whale was a shark.

“Network segmentation is a key way to secure IoT devices,” says Ben Seri, vice president of research at Armis. “But sometimes we can poke holes. And we know that enterprise devices are being targeted in the world. If they have this type of vulnerability, unfortunately that can be very powerful for a group like an APT.”The flaws lie in the implementation of a mechanism known as the Cisco Discovery Protocol, which allows Cisco products to broadcast their identities to each other within a private network. CDP is part of a network's "Layer 2," which establishes the foundational data link between network devices. All devices use some sort of identity broadcasting mechanism, but CDP is Cisco’s proprietary version.

READ ALSO:

A Cisco Router Bug Has Massive Global Implications

Separating Cisco products out by having them use CDP has some logistical benefits, but Seri points out that it also creates an easy way for attackers to find Cisco products once they're inside a network. And since all Cisco products use CDP, one vulnerability can be used to automatically and simultaneously target many devices at once, or to take over crucial devices like network switches and move laterally from there. Any Layer 2 protocol can have bugs; vulnerabilities in CDP simply provide a particularly efficient route to attacking ubiquitous Cisco products.

READ ALSO:

5G Is More Secure Than 4G and 3G—Except When It’s Not

Armis disclosed its findings to Cisco at the end of August, and today the networking giant is releasing patches for all five vulnerabilities. There are so many because Cisco implements CDP in slightly different ways depending on the product; Armis found related bugs throughout the disclosure process and worked with Cisco to patch them all.

"On February 5, we disclosed vulnerabilities in the Cisco Discovery Protocol implementation of several Cisco products along with software fix information and mitigations, where available," a Cisco spokesperson said in a statement. "We are not aware of any malicious use of the described vulnerabilities."

READ ALSO:

Holes in 4G and 5G Networks Could Let Hackers Track Your Location

To exploit the bugs, attackers would first need a foothold inside a target's network, but from there they could fan out quickly, compromising one vulnerable Cisco device after another to bore deeper into a system. And once attackers controlled a switch or router they could start to intercept unencrypted network data, like files and some communications, or access a company's "active directory," which manages authentication for users and devices.

“It’s still hop by hop. As a hacker, you still need an initial attack vector into the network,” says Ang Cui, founder of the IoT security firm Red Balloon, who has disclosed numerous Cisco bugs. “But once you’re there, at each hop you have the same vulnerability present—all the switches, firewalls, and routers in a network could be affected by this. So you’re going to have to own a lot of devices, but once you own all of them you’ve literally taken over every single piece of the network.”

READ ALSO:

What Is Credential Dumping?

The article source: www.wired.com
Tags: network, cisco, vulnerability, vulnerabilities, armis, protocol, products, product, patching, patch, software, device, hop,