Ixia: What can we learn from the Equifax breach?

Ixia, a Keysight business and leading provider of network testing, visibility, and security solutions, offers organizations advice on how they can learn from the recent Equifax breach and protect their web infrastructure.

As we come to terms with the full ramifications of the Equifax data breach, initial reports indicated that the Apache Struts vulnerabilities first reported in the first half of 2017 (CVE-2017-5638 and CVE-2017-9805) was the cause.  Even though not confirmed, it highlights how critical it is to ensure that a web infrastructure is reinforced against these types of vulnerabilities, and a network infrastructure can detect and block exploiting attempts that leverage these vulnerabilities or their variants.

Any company doing business on the web will most likely be faced with a newly discovered vulnerability at some point.  According to Ixia, organizations have three choices in how to address it: 

1.       Do nothing and run the risk of hackers exploiting your web infrastructure

This is a hackers dream and makes their job much easier.  In fact, the most prevalent category in Verizon’s Data Breach Investigations Report in 2017 was Web Application Attacks which included 6,502 confirmed incidents, 3,583 with secondary motivations and 571 with confirmed data disclosure.[1]

2.       Apply the patch without knowing how it could impact your infrastructure and potentially cause harm to your business

This includes fixing security vulnerabilities and other bugs, and improving the usability or performance. Although meant to fix problems, poorly designed patches can sometimes introduce new problems, which can adversely impact productivity or business critical processes.

3.       Test the vulnerability with a virtual patch, affording you the time to validate the patch without risk to your network infrastructure 

A virtual patch is a short-term implementation of a security policy meant to prevent an exploit of a newly discovered vulnerability from occurring, while allowing the components of a mission-critical web infrastructure to remain online.

“In today’s environment, virtual patches deliver a low-risk method for protecting the mission-critical components of a public-facing web infrastructure,” said Steve McGregory, Senior Director of Application Threat Intelligence at Ixia. “Ixia’s ATI team provides the tools needed to validate these patches before implementation. Tested and verified, virtual patches allow organizations to ensure security patches do not negatively impact their web infrastructure, their business or their customer’s information.”