Cybercrime: Hidden backdoors to enterprise data

How much of a risk do backdoors pose to corporate data? Davey Winder investigates...

Alex Raistrick, vice president for Western Europe at Palo Alto Networks, has spotted an attack vector where backdoors are being exploited, though.

"There is something of an intentional backdoor left open by mobile application developers," he says.

"By installing software such as an SDK in the application itself, the app can reach out to the internet and pull the correct ad in order to get paid. But this embedded software then provides access to the application and the device itself."

Raistrick claims the research his company has undertaken has "identified several malicious APKs that were able to avoid all tested mobile antivirus solutions, so clearly there is effort being applied to backdoor attacks".

Catalin Cosoi, chief security strategist at Bitdefender, backs Sanabria's view that backdoors are a rare occurrence and Trojanised applications and documents are more commonly used to compromise data.  

"Except in targeted attacks because hardware is much more diverse than software," Cosoi explains.

There is little the average enterprise can do to protect itself against its own hardware, but Cosoi suggests the following points be absorbed:

  • Make sure you understand what you are using and how.
  • Remote control functionality exists in most networking equipment and in high-end enterprise PCs as well. This adds convenience, but also security risks. For example, the control interface for a router should never, ever be on the subnet it routes for.
  • Diversify systems, compartmentalise data, and air-gap what needs to be air-gapped. Remember, you shouldn't be able to move data across an air-gap in a digital format.
  • Encryption in transit is not just for Wi-Fi networks, and wired ones are not inherently more secure. A compromised router or a "pwn box" might be listening in, so don't make its job easier by forgoing SSL in the corporate intranet.
  • Keep an accurate, up-to-date inventory. Vulnerabilities in hardware, as well as in software, are found all the time. It's not uncommon for a "forgotten" printer or router to be left un-patched for years.
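
Two of Cosoi's points, the router control interface that sits on a subnet it routes for and the "forgotten" device left un-patched for years, can be checked mechanically against an inventory. The sketch below is an added example, not part of the original article: the device names, addresses, dates and the one-year patch threshold are all constructed assumptions.

```python
import ipaddress
from datetime import date

# Constructed sample inventory: hypothetical devices on private address space.
INVENTORY = [
    {"name": "edge-rtr-1", "mgmt_ip": "10.0.10.1",
     "routed": ["10.0.10.0/24", "10.0.20.0/24"], "last_patched": date(2020, 6, 1)},
    {"name": "core-rtr-1", "mgmt_ip": "192.168.250.2",
     "routed": ["10.0.30.0/24"], "last_patched": date(2020, 5, 12)},
    {"name": "floor3-printer", "mgmt_ip": "10.0.20.45",
     "routed": [], "last_patched": date(2016, 2, 9)},
]

AUDIT_DATE = date(2020, 8, 3)   # constructed "today" so the result is reproducible
MAX_PATCH_AGE_DAYS = 365        # assumed policy threshold, not from the article


def audit(inventory, today, max_age_days=MAX_PATCH_AGE_DAYS):
    """Return (device, finding, detail) tuples for the two inventory checks."""
    findings = []
    for dev in inventory:
        mgmt = ipaddress.ip_address(dev["mgmt_ip"])
        # Check 1: the management interface must not sit inside any subnet
        # that the same device routes for.
        for cidr in dev["routed"]:
            if mgmt in ipaddress.ip_network(cidr):
                findings.append((dev["name"], "mgmt-on-routed-subnet", cidr))
        # Check 2: anything not patched within the threshold is flagged,
        # which is how a forgotten printer or router surfaces.
        age_days = (today - dev["last_patched"]).days
        if age_days > max_age_days:
            findings.append((dev["name"], "stale-patch", age_days))
    return findings


if __name__ == "__main__":
    for name, finding, detail in audit(INVENTORY, AUDIT_DATE):
        print(f"{name}: {finding} ({detail})")
```

The checks are only as good as the inventory they run over, which is why keeping it accurate and up to date is a point in its own right.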

Closing the backdoor

"The most common backdoor threats to organisational data come not from any technology but from complacency on the part of the user," insists Chris McIntosh, CEO at ViaSat UK, who cites the News of the World phone hacking scandal as an example.

This 'hacking' was largely possible because journalists and private detectives, if not the mobile phone owners themselves, knew you should change the default PIN code for remote voicemail.

Anyone with access to Google can quickly find these default codes, and the same is true of routers and networked hardware.

"Similarly, new devices on the network are often non-accredited meaning they may well contain a number of backdoor entry points that organisations are unaware of," says McIntosh.

Simply taking the time to review passwords and other security codes, or properly vet devices, can save a huge amount of hassle and make things a lot harder for attackers by locking some of the backdoors that would otherwise remain open.

It's not rocket science, as McIntosh reminds us: "make sure that people, process and technology work together in a three-tiered approach: don't allow either of those to become a weak point that renders the other two worthless."
