Cisco Security Research analyzed 115,000 Cisco devices on the internet and across customer environments to get a better understanding of the problem. They found that approximately 106,000 of the 115,000 devices (92 percent) had an average of 26 known vulnerabilities in the software they were running. Additionally, many organizations were running outdated software in their network infrastructure. Some customers in the financial, healthcare and retail verticals, for example, were using networking software that was more than six years old. Many of the infrastructure devices analyzed had reached their last day of support and could no longer be updated and made more secure.
Old Networking Devices Are No Match for Today’s Threats
Companies may think their 10-year-old networking devices are doing the job for which they were intended, but only if that job doesn’t include keeping their network and data secure. Decade-old network devices are less likely to have the protections necessary to withstand today’s cyberattacks. Two examples of security-centric capabilities we’re seeing in newer devices include:
- Image signing: Cryptographically signed images help ensure that BIOS, firmware and other software updates are authentic. As the system boots, this signature is checked by an anchor of trust, ensuring the integrity of the system’s software. This is an important feature for preventing man-in-the-middle replacements of software and firmware, plus it provides layered protections against persistence of illicitly modified firmware.
- Secure boot and hardware trust anchors: Secure boot takes image signing to the next level by providing increased assurance about the integrity of the hardware and software that are performing image checks and other critical system functions. It does this through a combination of immutable, hardware-based anchors of trust, and it ensures that a system’s foundational state and software cannot be modified, regardless of a user’s privilege level.
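The two capabilities above can be seen in a short sketch. This is an added example, not Cisco code: it uses textbook RSA with PKCS#1 v1.5 encoding over SHA-256, and the key, image contents and function names (`sign`, `verify`, `boot`) are assumptions made for illustration. In a real device the public key and the first check live in immutable hardware rather than in software.

```python
import hashlib

# Constructed demo key: two Mersenne primes give a structurally valid but
# INSECURE RSA modulus. A real trust anchor holds the vendor's public key.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, stays with the vendor
K = (N.bit_length() + 7) // 8       # modulus length in bytes

# DER prefix of the SHA-256 DigestInfo used by PKCS#1 v1.5 signatures.
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def encode(image: bytes) -> int:
    """EMSA-PKCS1-v1_5 encoding: 00 01 FF..FF 00 || DigestInfo || hash."""
    t = SHA256_PREFIX + hashlib.sha256(image).digest()
    em = b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t
    return int.from_bytes(em, "big")

def sign(image: bytes) -> int:
    """Vendor build step (needs the private exponent)."""
    return pow(encode(image), D, N)

def verify(image: bytes, signature: int) -> bool:
    """Device-side check: uses only the public values N and E."""
    return 0 <= signature < N and pow(signature, E, N) == encode(image)

def boot(stages):
    """Verify each (name, image, signature) before handing control to it.
    Returns the stages allowed to run; stops at the first failure."""
    started = []
    for name, image, signature in stages:
        if not verify(image, signature):
            break                    # refuse to execute unverified code
        started.append(name)
    return started

# Constructed sample images standing in for real firmware blobs.
BOOTLOADER, OS_IMAGE = b"bootloader v1", b"network OS v1"
GOOD_CHAIN = [("bootloader", BOOTLOADER, sign(BOOTLOADER)),
              ("os", OS_IMAGE, sign(OS_IMAGE))]
# Same signature, modified OS image: what a replaced image looks like.
TAMPERED_CHAIN = [GOOD_CHAIN[0], ("os", OS_IMAGE + b"!", GOOD_CHAIN[1][2])]

if __name__ == "__main__":
    print(boot(GOOD_CHAIN))
    print(boot(TAMPERED_CHAIN))
```

The intact chain runs both stages, while the chain with the altered OS image stops after the bootloader because the stored signature no longer matches the image digest.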
Cisco engineers created a best practices security guide to harden Cisco IOS devices, which offers several helpful tips and covers topics such as software patching, strong credential management, physical security for all network devices and robust architectural defenses that include telemetry-based infrastructure device integrity monitoring.
As we look at the threats that lie ahead, implementing a combination of best practices and modern defenses should be a top priority for IT security professionals. This requires a realization of the importance of IT’s fundamental nature, and an honest assessment that outdated network technologies pose a serious security risk for customers.
For more IT security tips, research and best practices, be sure to check out Ingram Micro’s Cisco Security Resource Center.