I wish I could say that this post would be something new – like buy “xyz” product and perform handstands or something and all your problems are solved.
Unfortunately The Equifax breach likely happened due to unpatched systems. As even Equifax itself admitted¹:
So as we discuss this problem many times, how can a company with IT people and Cyber security people possibly miss patching this kind of a vulnerability?
it is not as if the vulnerability is a minor one. this Apache Struts vulnerability is a severity 10 (on a scale of 1-10) and as I have mentioned before the time after a vulnerability is found the clock is ticking. The hackers try to exploit and companies try to patch the problems as soon as possible to prevent from happening what happened to Equifax. Rapid7² discusses the exploits available and what should be done. (Solution: upgrade to latest apache-struts)
Somehow the upgrade process and patching of critical pieces of infrastructure is very difficult for organizations and thus they are susceptible to attacks. and will be until we as consumers can push them into fixing things. How will we know if companies are patching? Someone has to audit them, someone like us (as a Certified Information Systems Auditor) at https://fixvirus.com/
It seems simple to me, but somehow this process of patching highly vulnerable systems is very difficult. And thus it takes time, which the hackers use to try and gain entry. Once the hackers have entry into your systems (evading defenses and taking information) it is a short time to a full fledged breach.
- https://www.theregister.co.uk/2017/09/14/missed_patch_caused_equifax_data_breach/
- https://www.rapid7.com/db/vulnerabilities/apache-struts-cve-2017-5638