You need to know what is in your network. You could be at risk.
In any organisation it’s normal for different devices, on- or off-prem, wired or wireless, to be constantly added or removed – and this can present an opportunity for malicious hackers to take advantage of improperly secured systems.
Many organizations don’t know how many assets are in their possession or where they are all located.
It is a smart idea to run regular automated scans to check for vulnerabilities and identify assets that are connected to your infrastructure.
Cybersecurity and Infrastructure Security Agency of the United States – (CISA). told On Monday federal agencies were mandated to inspect assets and find vulnerabilities in networks.
Federal Civilian Executive Branch agency agencies must take the following actions before April 3rd 2023.
- Automate asset discovery every 7 days. At a minimum, this must include all IPv4 addresses used by agency.
- Each 14-day period, start vulnerability enumeration for all assets. This includes all nomadic/roaming equipment (e.g. laptops).
- Automatically feed details of detected vulnerabilities into CISA’s Continuous Diagnostics and Mitigation (CDM) dashboard within 72 hours.
- Develop and maintain the capability to initiate on-demand asset discovery and vulnerability enumeration, in order to identify specific assets or vulnerabilities within 72 hours of receiving a request from CISA – and then provide the results back to CISA within 7 days of request.
CISA’s Jen Easterly highlighted SolarWinds, a hacker group that had been able to use the poisoned software update for network management to target critical infrastructure networks in government agencies over months.
“If you’ve heard us talk at all about this, we have said consistently that we are on an urgent path to gain visibility into risks facing federal civilian networks,” said Easterly. “This was obviously a gap illuminated by SolarWinds.”
It is vital for organisations to identify compromised software quickly in order to defend themselves against attacks like SolarWinds.
CISA says it will publish a common vulnerability-reporting data format within six months which agencies can use when feeding information into the CDM dashboard.