The Oracle for Cybersecurity
Cybersecurity is a big, scary word with big, scary implications. The word conjures mental images of a dark room and someone in front a dimly lit computer. The black screen flashes green and is dotted with lines of code entered by a nameless, faceless “cyberterrorist” – a hacker – with a smirk and an evil laugh. Are hackers merely the digital age’s version of a pirate ship on the high seas, with the sought-after treasure in the updated form of digital profit?
The reality, though, is far scarier: data security is big business, and with every business venture comes big risk. You’ve worked hard to get where you are. Your business is growing, and the truth is this makes you a target. Any vulnerability is an unfortunate side effect of success, and with this comes fear – fear of losing everything you’ve built. Hackers spend hours trying to uncover these vulnerabilities and exploit them, sometimes for profit or ransom or just to cause damage.
How do these hackers do this? Hackers obtain access to a computer and plant “malware,” malicious software, like a virus or another executable program. The purpose of these programs varies, but the shared nature is they’re not meant to help anyone but the hacker. In some cases, the idea is to have this malware operate undetected – but not always.
- One of the most famous hackers today is “Anonymous,” an international group that has become well-known for DDOS (distributed denial-of-service) attacks on government, religious, and corporate websites.
Every day, hackers are finding new ways to attack, and are sometimes successful simply because those they attack just haven’t yet applied available security updates, called patches. A patch is a corrective action to address a specific vulnerability.
A critical patch update – a CPU – is a series of patches released at the same time that resolve security vulnerabilities. Often when a CPU is released, it’s in response to a discovered vulnerability, sometimes hackers already exploiting the weakness. Organizations will accompany a CPU with a statement of disclosure of these vulnerabilities and the solution within the CPU. No matter the reason, a CPU shouldn’t be delayed.
For example, Oracle recently released a patch for select products, including its WebLogic Server. Oracle discovered a vulnerability affecting WLS Security, allowing attackers to exploit access resulting in a successful takeover of the server.
For what is considered to be the industry’s best application server with features for lowering operational costs while improving performance, this vulnerability reflects an urgent need for users to update. In Q4 2017, Oracle released a security alert notifying customers of affected Oracle products and strongly advised that the CPU released in October be applied immediately.
- Oracle patch CVE-2017-3506 addressed WebLogic’s “Web Services” subcomponent
- Oracle patch CVE-2017-10271 addressed WebLogic’s “WLS Security” subcomponent – a critical Java deserialization vulnerability
- Impacted WebLogic versions: 10.3.6.0.0, 184.108.40.206.0, 220.127.116.11.0, or 18.104.22.168.0
More details on this were not publicly available until December when Oracle announced that the vulnerability would have allowed unauthorized users to gain remote access and takeover.
How was this discovered?
Logically, hackers placed a script on affected servers that unintentionally “killed,” or prevented the servers from functioning – possibly even alerting some of the intended targets of the attack before the attack had the chance to deploy fully.
In this specific case, one widely-shared thought is that hackers were exploiting this weakness to install software that mines bitcoins on the affected servers. One element that makes this situation unique is that only limited coding knowledge was needed to make this hacking effort a success if fully and properly deployed.
- What is bitcoin mining? Specialized software is used to solve complex math problems in exchange for an amount of bitcoin currency. Why does this matter? If this activity is taking place as a result of a hacker accessing your server, and this hacker now has control of your data, everything is at risk. In most cases, bitcoin mining on a regular computer didn’t allow the generation of enough of the currency to offset the power consumption cost, making this an unappealing option for bitcoin miners. If you read between these lines, hacking someone else’s machine is a better target since the hacker isn’t paying the power bill!
Imagine if, instead of just one computer for a single user, you utilize a cloud-based solution for your entire business, and a hacker was able to access your incredibly powerful resource for their benefit – compromising your data. What would be the impact on your business if this data library became lost?
What does all of this mean?
First, it means we strongly recommend a thorough security review to protect yourself, your business, and your data.
Next, it’s vital to remain vigilant after a patch is installed, and investigate further. If one hack attempt is successful, more importantly by a less-sophisticated hacker, then a more skilled “cyberterrorist” is likely in a better position to gain even stronger control over your system.
Is there an upside?
The good news is that cybersecurity is an increasingly critical component of today’s business model, and the industry is growing – as is the pool of candidates and the knowledge base within. The evolution of cybersecurity is a byproduct of the ever-evolving world of technology, and those organizations that focus on the latest trends and the newest solutions are supporting the strength of the field.
- Standards are being established across the technology industry, laws are being written to protect digital and intellectual property, and crimes are being prosecuted.
- Precedents are being established with which to fight cyberterrorism and hackers, in numbers great or small.
What can you do?
The best thing you can do for your business – and thus, yourself – is to employ a top arsenal of experts that can aid you in protection against cyber attacks. Remember that even the best efforts need ongoing support.
The key to long-term success is to work with experts that understand your needs and the nature of your business in such a way that there is a seamless relationship: Where you end, your “cybersecurity expert” begins, and eliminates any vulnerabilities. When customers ask you what the secret of your success is, you can honestly answer that you only work with the best – and that’s the best position to be in for the future.