Cisco has revealed in its blog that they are aware of specific advanced attackers targeting Cisco switches by leveraging a protocol misuse issue in the Cisco Smart Install Client. Sean Newman, Director of Product Management at Corero Network Security commented below.
Sean Newman, Director of Product Management at Corero Network Security:
“Recent reports from Cisco’s Talos team* of a vulnerability enabling attackers to potentially gain remote control of switch devices for nefarious purposes, is just another example of how many IT system features there are exposed to the Internet which were originally developed to make IT team’s lives easier but, are now resulting in security headaches. This report follows closely on the heels of recent DDoS attacks powered by the exploitation of the commonly deployed memcached system tool, which was also found to be exposed directly to the Internet in tens of thousands of cases. These examples demonstrate why organisations need to not only be more diligent about what systems and services they expose to the Internet themselves, but also have the right solutions in place to protect from attacks which are continually being developed to abuse these exposed services for nefarious purposes. And, having dedicated, real-time, automatic, DDoS protection in place is a prime example of where many organisations are still deficient in their defences.”