[ad_1]
When WIRED reached out to Jamf for comment, the company’s chief security officer Aaron Kiemele also said that the Black Hat investigation did not address any security risks. But Kiemele’s “operational supervisors,” he added, always had an “attraction to attackers.” Therefore, every time you use a multi-weapon management system, and direct supervisors, it becomes necessary for the system to be developed I’m well-managed. “He referred to Jamf’s users the book “hardens” the position of Jamf through flexible and adaptable change.
Although former F-Secure researchers are more focused on Jamf, it’s not just on remote devices as a possibility attack on top to the hijackers, says Jake Williams, a former NSA embezzler and technical officer at BreachQuest. Beyond Kaseya, tools like ManageEngine, inTune, NetSarang, DameWare, TeamViewer, GoToMyPC and others also have fluid purposes. They are ubiquitous, often do not have special privileges on PCs, are often unforgivable on the antivirus and are ignored by security officials, and are able to install software on many of the machines in the system. “Why are they better off taking advantage of them?” Williams asks. “You get a chance for everything they look up to. You’re in God’s way.”
In recent years, Williams says he sees in his security actions that hackers have “repeatedly used” remote monitoring tools including Kaseya, TeamViewer, GoToMyPC and DameWare against its clients. It is understood that it was not because all these weapons had their own problems, but because the thieves used their legitimate methods when they had the opportunity to use the victim’s network.
Instead, the widespread use of these weapons dates back to 2017, when a group of Chinese terrorists attacked has developed a state-of-the-art software for remote NetSarang devices, Is hitting a Korean company behind the app to hide their back number. The program of campaign to steal SolarWinds, while Russian spies hid a bad number in the IT Orion monitoring tool to keep it from interfering with at least nine US agencies, in a way that reflects the same threat. (Although Orion is a monitoring tool, not a monitoring program, it has a similar interface, including the ability to apply rules on the monitoring.) In another difficult but fearless violation, hackers used the access method with TeamViewer monitoring tool to connecting systems for low-water turbine systems in Oldsmar, Florida, attempting — and failing — to throw a dangerous lye into the city’s waters.
While remote control tools may be available, however, abandoning them is not possible for most administrators who rely on them to monitor their networks. Instead, many small IT-based businesses with staff often need to take care of all their computers, without proper management. Despite having the skills he will give them at Black Hat, Roberts and Hall say Jamf still has the opportunity to protect many of the networks used, as it allows administrators to set up programs and configurations and keep them up-to-date. Instead they hope to push security technology vendors as a last resort to be able to monitor how they are using the remote devices they are displaying.
For many types of remote devices, but no such self-assessment is possible, says BreachQuest’s Williams. The quality of tools that tools expect — access to a wide range of tools online, changing layouts, software development — is very difficult to distinguish from the worst. Instead, Williams said home security teams should learn to monitor the use of weapons and be prepared to put them out, as many did when the news broke about insecurity in Kaseya last week. But they acknowledge that this is a strong solution, since remote device users are often unable to purchase in-house units. “Other than being on site, ready to take action, to reduce explosions, I don’t think there’s a good solution,” Williams said. “It’s very difficult.”
But network operators would do well, at least, to begin to understand the dynamics of how their remote monitoring tools can work in the wrong hands – what their potential abusers now seem to know better than ever.
Many Great Stories
[ad_2]
Source link
