Equifax Hack — One Patch Could Have Stopped it


Hacks these days can be so huge, it is hard to call any one of them stunning. However, the Equifax breach that compromised the data of 143 million consumers, and was based on a vulnerability known (and repairable) for two months, is truly gigantic. And it never would have happened if Equifax had installed one simple patch for its Apache web server, one it had in mid-July, that was actually written way back in March.

In all, some 209,000 credit cards were compromised.

If that wasn’t bad enough, now there is a threat of phishing, with cybercriminals convincing consumers that they were victims of the Equifax breach and need to click a link for help. Bad idea, as the links are thoroughly malicious. The tragedy is the Equifax hack strikes twice.

The hack follows a well-known pattern. Security researchers, hackers, the software vendor or open source organization find a flaw, and then a patch gets written. That patch is a blueprint for cybercriminals who know that not everyone installs these fixes.

In the case of ransomware, such as Petya, hackers go after unpatched Microsoft-based systems. Microsoft has a rigorous and public system for patching its software, giving hackers ample opportunities for attack. In the case of Equifax, the flaw was with the open source Apache web server, a leading solution for websites and web farms.

Whether your software is commercial or open source, it is critical to keep it updated, as the majority of successful breaches are against unpatched machines. If a massive credit reporting company, with so much consumer data, can be hit so hard, it can happen to anyone who fails to patch.

Be Smarter (and Safer) than Equifax

No matter how large your shop, you can be smarter than Equifax and avoid the majority of breach attacks. The answer is to keep all systems patched. To do it properly, patching should not be a manual, case-by-case approach, but an automated system that encompasses all your servers and endpoints.

Phishing with Equifax Bait

As if the compromise of 209,000 consumer credit data records wasn’t bad enough, phishing attacks are a new worry. Eric Schneiderman, New York Attorney General, says the 8 million New York State residents impacted by the breach should beware of phishers.

“In addition to taking measures to protect their credit cards and bank accounts, New Yorkers should also think twice before clicking on any suspicious links claiming to be from Equifax or financial institutions,” Schneiderman said in an announcement. “Hackers are resourceful criminals who are constantly looking to exploit any vulnerabilities, and I encourage everyone to educate themselves about how to best protect their personal information.”

Here are some things to watch out for, the Attorney General said:

  • Phishing emails that claim to be from Equifax where you can check if your data was compromised.
  • Phishing emails that claim there is a problem with a credit card, your credit record, or other personal financial information.
  • Calls from scammers that claim they are from your bank or credit union.
  • Fraudulent charges on any credit card because your identity was stolen.

The Answer is Automated Patch Management

The good news is the answer is simple – keep your network and machines fully patched and updated.

How you choose to do so can be simple or hard. If you go the old manual route, there is a slim chance you will be able to identify all the needed patches on all the systems and get them installed properly. Meanwhile, you can spend your whole week trying.

The simpler, more complete route is to automate all steps in the patch process.

The first step in patch management is conducting an inventory of all your machines, even mobile devices. This asset management audit should include information on operating system and status, and all applications – with their patch and update status.

This inventory process should be regularly and easily repeatable so that new devices and software are quickly and automatically discovered – and patched.

Next, the tool should gather all needed patches, and based on policies and priorities you define, automatically install them. In some cases, you may want to test the patch before deploying to avoid software conflicts, and this should be automated as well through acceptance testing and the ability to do rollback.
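The inventory-then-policy steps above can be sketched in a few lines. This is an added example, not Kaseya code: the hosts, package names, versions, dates and the per-severity deadlines are all constructed for illustration.

```python
from datetime import date

# Constructed sample data: every host, package, version and date is made up.
INVENTORY = [
    {"host": "web-01", "packages": {"webframework": "2.3.9"}},
    {"host": "web-02", "packages": {"webframework": "2.3.31"}},
    {"host": "laptop-17", "packages": {"pdfreader": "11.0.2"}},
]
ADVISORIES = [
    {"package": "webframework", "fixed_in": "2.3.31",
     "severity": "critical", "released": date(2024, 3, 1)},
    {"package": "pdfreader", "fixed_in": "11.0.3",
     "severity": "low", "released": date(2024, 4, 20)},
]
# Hypothetical policy: maximum days a fix may stay uninstalled, per severity.
POLICY_DAYS = {"critical": 7, "high": 30, "low": 90}
TODAY = date(2024, 5, 1)  # fixed so the example is reproducible


def parse_version(text):
    """Turn '2.3.31' into (2, 3, 31) so versions compare numerically.

    Comparing the raw strings would rank '2.3.9' above '2.3.31' and
    wrongly report web-01 as patched.
    """
    return tuple(int(part) for part in text.split("."))


def find_unpatched(inventory, advisories, policy_days, today):
    """Return one finding per host/advisory pair that still lacks the fix."""
    findings = []
    for host in inventory:
        for adv in advisories:
            installed = host["packages"].get(adv["package"])
            if installed is None:
                continue  # package not present on this host
            if parse_version(installed) >= parse_version(adv["fixed_in"]):
                continue  # fix already installed
            exposed = (today - adv["released"]).days
            findings.append({
                "host": host["host"], "package": adv["package"],
                "installed": installed, "fixed_in": adv["fixed_in"],
                "days_exposed": exposed,
                "overdue": exposed > policy_days[adv["severity"]],
            })
    # Policy violations first, then the longest-exposed hosts.
    findings.sort(key=lambda f: (not f["overdue"], -f["days_exposed"]))
    return findings


if __name__ == "__main__":
    for f in find_unpatched(INVENTORY, ADVISORIES, POLICY_DAYS, TODAY):
        print(f)
```

Run on a schedule against a fresh inventory, the overdue entries at the top of the list are the ones a deployment job should pick up first.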

Let Kaseya Help

Kaseya understands the difficulties of patch management, and our Kaseya VSA solution fully automates every aspect of patch management, including:

  • Comprehensive Discovery and Audit to find all devices in the first place, as well as monitoring operating details (to know what needs to be patched)
  • Policy-based Management and Control, with Automated Patch Deployment that you set up, controlling exactly which patches get deployed, as well as when and how, to match your business’ specific needs
  • Remote Management to access and patch all devices, including off-network devices sitting on an employee’s countertop. If laptops need to be powered on or powered off, VSA can automatically take those steps to ensure the patch is fully installed.
  • Real-time, comprehensive reports with drill-down and the extensive ability to use filters

Learn more about proper patch management with our piece on Patch Management Best Practices.

Don’t have time to read? Tune in to our Eight Steps to Better Security Patch Management Webinar.

Posted by Doug Barney
Doug Barney was the founding editor of Redmond Magazine, Redmond Channel Partner, Redmond Developer News and Virtualization Review. Doug also served as Executive Editor of Network World, Editor in Chief of AmigaWorld, and Editor in Chief of Network Computing.