1120 vulnerabilities per device: invisible problems in corporate networks

The study showed a 200-fold gap between real risks and traditional scanning.

The new NetRise report analyzes the software composition, known vulnerabilities, and non-CVE risks present in the software running on enterprise network equipment: routers, switches, firewalls, VPN gateways, and wireless access points.

NetRise notes that organizations run their network hardware on a complex mix of software, including third-party and open source programs, applications, containers, and device firmware. Every new piece of software introduced carries risk that often goes unnoticed. The rise in attacks on software supply chains confirms the need for a "trust but verify" approach: companies should have full visibility of all components and dependencies of their software in order to minimize that risk.

Key findings of the report include:
  1. Software inventory is the basis for understanding risk: NetRise researchers analyzed the code and created detailed SBOMs (Software Bills of Materials) for each device tested, finding an average of 1,267 software components per device.
  2. Detailed software analysis is superior to traditional vulnerability scanning: the vulnerability risk identified this way is on average 200 times higher than what traditional scanners report. The researchers found an average of 1,120 known vulnerabilities in software components per device, with more than a third of them older than 5 years.
  3. Don't rely solely on CVSS ratings: of the average 1,120 known vulnerabilities per network device, more than 42% (473) are rated "High" or "Critical" by CVSS. On average, however, only 20 vulnerabilities per device are known to have been exploited in attacks, and only 7 of those are reachable over the network.

The study highlights the importance of compiling an SBOM, a list of the individual software components used to build a piece of software. However, only 35% of the organizations surveyed create or generate such lists. In some sectors, such as medical devices and the automotive industry, the use of SBOMs has become mandatory due to regulatory requirements.

Understanding the software within an organization is critical for timely investigation and remediation of cyberattacks. However, only 38% of organizations believe that they effectively detect and respond to attacks that exploit software vulnerabilities, and 47% of organizations say that it takes them from one to six months to fix a critical vulnerability.

Organizations are increasingly adopting advanced software supply chain analysis and risk management tools. These tools produce detailed SBOMs covering firmware, operating systems, virtualization software, and applications, identify non-CVE vulnerabilities and risks, and prioritize the risks they find.

Governments and regulators are also tightening requirements for the security of network equipment and connected devices, increasingly requiring compliance with frameworks such as the recommendations of the National Institute of Standards and Technology (NIST) and the European Union's General Data Protection Regulation (GDPR).

Network devices such as routers, switches, firewalls, VPN gateways, and wireless access points have become prime targets for cyberattacks. Vulnerabilities in such devices are actively exploited by intruders, which makes them the most risky category of IT devices. Vulnerabilities in IoT devices increased by 136% compared to the previous year, highlighting the need for comprehensive security measures for all connected devices.

The report also provides recommendations for organizations to improve the security of network equipment. One of the key recommendations is detailed SBOM analysis to achieve full visibility of software assets. This means creating comprehensive SBOMs covering all software components, third-party libraries, and dependencies, which helps surface vulnerabilities that traditional scanning often misses.

Organizations are also encouraged to prioritize fixing vulnerabilities that are known to be exploited in attacks and those that are reachable over the network, rather than relying on CVSS scores alone. By eliminating the actively exploited vulnerabilities first, organizations can counter the most serious threats more effectively.
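The following is an added example, not code from the NetRise report, that ties the two points above together: it takes a CycloneDX-style SBOM for one firmware image, matches its components against a vulnerability feed, computes the same kind of summary the report gives (total, High/Critical share, older than five years, exploited, exploited and network-reachable), and then shows how a fix order based on exploitation and reachability differs from a CVSS-only order. The SBOM, the feed, its field names, and the vulnerability IDs are all constructed for illustration and do not refer to real advisories.

```python
"""Added example (not from the NetRise report): prioritising SBOM findings
by known exploitation and network reachability rather than CVSS alone.
All data here is constructed; IDs such as EX-0001 are placeholders."""
import json
from datetime import date, timedelta

# Constructed CycloneDX-style SBOM for one hypothetical firmware image.
SBOM_JSON = """
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.5",
  "components": [
    {"type": "library",     "name": "openssl",  "version": "1.0.2u"},
    {"type": "library",     "name": "busybox",  "version": "1.31.0"},
    {"type": "library",     "name": "zlib",     "version": "1.2.8"},
    {"type": "application", "name": "dropbear", "version": "2019.78"}
  ]
}
"""

# Constructed, simplified vulnerability feed keyed by (name, version).
# Fields are hypothetical: CVSS base score, publication date, whether
# exploitation in the wild is known, and the CVSS attack vector.
VULN_FEED = {
    ("openssl", "1.0.2u"): [
        {"id": "EX-0001", "cvss": 9.8, "published": "2016-01-28", "exploited": True,  "attack_vector": "NETWORK"},
        {"id": "EX-0002", "cvss": 5.3, "published": "2021-03-25", "exploited": False, "attack_vector": "NETWORK"},
    ],
    ("busybox", "1.31.0"): [
        {"id": "EX-0003", "cvss": 7.5, "published": "2019-11-15", "exploited": False, "attack_vector": "NETWORK"},
        {"id": "EX-0004", "cvss": 7.8, "published": "2018-06-01", "exploited": True,  "attack_vector": "LOCAL"},
    ],
    ("zlib", "1.2.8"): [
        {"id": "EX-0005", "cvss": 8.8, "published": "2016-12-05", "exploited": False, "attack_vector": "LOCAL"},
    ],
    # Feed entry for a different dropbear version: exact matching means
    # the image's 2019.78 build is NOT flagged by it.
    ("dropbear", "2018.76"): [
        {"id": "EX-0006", "cvss": 7.5, "published": "2018-08-23", "exploited": False, "attack_vector": "NETWORK"},
    ],
}


def load_components(sbom_json):
    """Return (name, version) pairs from a CycloneDX-style SBOM document."""
    bom = json.loads(sbom_json)
    return [(c["name"], c["version"]) for c in bom.get("components", []) if "version" in c]


def match_vulns(components, feed):
    """Exact name+version match; the inventory step decides what gets scored at all."""
    findings = []
    for name, version in components:
        for v in feed.get((name, version), []):
            findings.append({**v, "component": f"{name}@{version}",
                             "published": date.fromisoformat(v["published"])})
    return findings


def summarize(findings, today):
    """Report-style counts for one device."""
    five_years = timedelta(days=5 * 365)
    is_net_exploited = lambda f: f["exploited"] and f["attack_vector"] == "NETWORK"
    return {
        "total": len(findings),
        "high_or_critical": sum(1 for f in findings if f["cvss"] >= 7.0),
        "older_than_5y": sum(1 for f in findings if today - f["published"] >= five_years),
        "exploited": sum(1 for f in findings if f["exploited"]),
        "exploited_network": sum(1 for f in findings if is_net_exploited(f)),
    }


def prioritize(findings):
    """Fix order: exploited and network-reachable, then any exploited, then CVSS descending."""
    key = lambda f: (not (f["exploited"] and f["attack_vector"] == "NETWORK"),
                     not f["exploited"], -f["cvss"])
    return [f["id"] for f in sorted(findings, key=key)]


def cvss_only(findings):
    """The order a CVSS-only policy would produce, for comparison."""
    return [f["id"] for f in sorted(findings, key=lambda f: -f["cvss"])]


def run_example(today_iso="2024-07-01"):
    """Run the whole pipeline on the constructed data with a fixed 'today'."""
    findings = match_vulns(load_components(SBOM_JSON), VULN_FEED)
    return summarize(findings, date.fromisoformat(today_iso)), prioritize(findings), cvss_only(findings)


if __name__ == "__main__":
    summary, by_risk, by_cvss = run_example()
    print("summary:", summary)
    print("fix order (exploited/reachable first):", by_risk)
    print("fix order (CVSS only):", by_cvss)
```

On this data the CVSS-only order puts EX-0005 (never exploited, local-only) ahead of EX-0004 (exploited, local), while the risk-based order moves both exploited findings to the front and EX-0001 (exploited and reachable over the network) to the very top. Note also that the dropbear entry in the feed never matches, because the image ships a different version: an inaccurate or missing inventory silently removes findings from the queue before any scoring happens.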
