Vulnerable Network Infrastructures in Canada Continue to Be Exploited

The Cyber Centre has become aware of recent and continuing exploitation of vulnerable network infrastructures in Canada

By EUNIZ BROWN

In recent months, the Cyber Centre has been made aware of several compromises of computer networks in Canada. The compromises took advantage of vulnerable, less secure implementations of remote access services according to Cyber centre Canada.

They stated the malicious activities were reported to the Cyber Center in June and July 2020. Incidents included intensive reconnaissance-style scanning of target networks, followed by the successful compromise of vulnerable and improperly secured servers and network access devices. In some instances, malware was installed, and compromised infrastructure may have been used in attempts to compromise different networks and/or other organizations. Threat actors may have remained active on compromised networks for a period of months before their activities were detected.

Organizations failing to apply security updates in a timely manner and not using 2FA are exposing themselves to compromises such as information theft and ransomware

What Can You Do?

Assess networks for the presence of vulnerable software, particularly where it is installed on devices exposed to the internet, and patch as soon as possible to the latest version.
Implement 2FA on all internet-facing remote access services, starting with perimeter security devices such as Firewalls and remote access gateways for teleworkers and administrators
Consider measures to limit the amount of sensitive information that malicious actors can collect