Monday, July 13, 15:41 p.m.
Home security The real internal threat is security software

The real internal threat is security software

An unfair threat is defined as a security risk posed by an organization, and with an average cost of $ 11,45 million, it is important for organizations to address this issue. Often, the risk is attributed to malicious or negligent employees, as well as others close to the organization, such as contractors and business associates. But companies and organizations believe that security software will prevent threats. However, this understanding of unfair threats carries responsibility to the human factor, in other words, exposes them as scapegoats.

While there are people actively seeking to harm an organization, according to a report by the Ponemon Institute called the "Report on Threats to the Cost of 2020", only 23% are internal threats.

Instead of blaming people then, why don't we turn our attention to the root of the problem? That is, the security software.

Whether embedded in vulnerabilities, corrupted by governments, or used as a channel to collect profit data, the use of security software is currently fraught with problems.

Double security agents

One of the largest and most frequently used security software providers is the Czech company Avast antivirus with over 435 million active users in 59 countries using antivirus. However, by the end of January 2020, Avast was collecting user data and selling it to third parties through its subsidiary Jumpstart. In this sense, they work as double agents against the very people who entrusted them with internet security and, in particular, their privacy.

In many cases, the software itself is defective. According to the report Veracode SOSS Vol. 10 published last year, found about 10 million vulnerabilities in 85.000 applications, and 83% of these applications had at least one defect in the original scan. Of these weaknesses, 20% were classified as "high" or "very high" severity. By exploiting these vulnerabilities, hackers are able to infiltrate an organization and access its data.

Complementing things further, the enormous scale and complexity of vulnerabilities make it much more difficult to determine whether a system has or has not been corrected. Indeed, the majority of data breaches (60%) occur because the software vulnerabilities were left unchanged. Equifax's 2017 data breach and Marriott's 2018 breach are two examples of this type, collectively exposing over 640 million records.

Monkey businesses in government

In some cases, the government is involved, not in a way that resolves violations of privacy rights or by arresting the criminals behind the attacks. On the contrary, they are the perpetrators themselves. The attacks carried out by APT5, also known as Manganese, on high-tech VPN servers are a clear example.

Since August 2019, it has been revealed that Chinese state-backed hackers have conducted online scans in search of a VPN server Fortinet and Pulse Secure. They then tried to exploit two vulnerabilities in these VPN servers to gain access to files without the need for authentication. This allowed hackers to gain access to passwords and session data VPNs from vulnerable devices. The Iranians again do not go back. A ClearSky report on cyber security revealed that Iranian government-backed hacking units took priority over exploiting VPN errors as soon as they were published.

Fortinet and Pulse Secure VPN servers are widely used, with hundreds of thousands of clients. Specifically, Pulse Secure is popular among numerous Fortune 500 companies, including some of the largest technology companies and government agencies. The use of a VPN server is mainly to protect their internal servers from unauthorized access. However, if they do not, how can we turn around and accuse employees of violating the law?

Phishing for a scapegoat

Finally, there is scareware. As the name implies, scareware is a form Phishing betting on your fear and perception of an impending threat. Through a pop-up ad, cybercriminals send out warnings that your computer is infected with malware or is running "slowly." They then leverage your anxiety and panic response to provide a "solution".

However, the "solution", which is of course fake, allows the malicious hacker to access your data and install malware on your computer, perhaps even ransomware. In this type of scenario, it's easy to point the person who clicked on the ad, but what about security software providers who allow it? Is it not the responsibility of security software programs to detect malicious ads and prevent them from appearing on screen?

The real threat

In the end, let us ask ourselves what the real threat is. Many times, people are labeled as the weakest link and responsible for exposing organizations to malicious threats. However, looking at the evidence, the problems seem to stem from security software and them providers their. Considering that they are supposed to protect us, both as individuals and as organizations, from a cyber attack, it is rather ironic that in fact they are the problem.


Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehc
Be the limited edition.


Dark Mode comes in Google Docs, Sheets and Slides for Android

Do you spend a lot of time using Google Docs, Sheets or Slides on your Android phone or tablet? We have good news for you ...

Hackers seek to exploit vulnerabilities in Citrix ADC

Last week, Citrix released fixes for a total of 11 vulnerabilities in some of its most popular products, in which ...

Data from 45 million travelers are on the dark web

Security researchers from Cyble discovered in the web web files of 45 million travelers from various countries with ...

Twitter: Users promote fake death news for celebrities!

Twitter users have used the platform of the popular media network to spread and promote false news of death for ...

Security experts in Australia: Rely on local technologies

Cyber ​​experts have urged Australia to be less dependent on foreign companies, technologies and know-how for ...

Juniper Networks: fixes critical vulnerabilities in firewalls

Last week, Juniper Networks released an announcement informing its customers that it has fixed some vulnerabilities ...

Malware checks if it is running on Any.Run to avoid parsing

Malware creators have begun to check if their malware is running on the malware analysis service ...

Trump: "The US carried out a cyber attack against Russia in 2018"!

The American President, Donald Trump, admitted for the first time in an interview with the Washington Post that the USA carried out a ...

Russian hacker guilty of Dropbox, LinkedIn, Formspring hacks

Russian hacker Yevgeniy Nikulin was found guilty by a jury for violating LinkedIn, Dropbox ...

Germany: Impose sanctions on Russia over Bundestag hacking

Germany has formally proposed that the European Union impose sanctions on Russian individuals responsible for large-scale hacking of ...