When it comes to applications in the workplace, the most ubiquitous might also be the most commonly exploited.
The explosion of IoT connected devices and the cybersecurity vulnerabilities that come with them has dominated recent network security conversations, which is both good and bad news for CIOs. Connected devices can add thousands of additional endpoints to a network — endpoints that can then be hacked to gain access to sensitive data. With this in mind, many CIOs of large enterprises have proactively ramped up their IoT security by installing firewalls, applying password best practices, and monitoring suspicious activity.
The only downside to the constant conversation surrounding IoT security is that other kinds of cybersecurity threats can go underemphasized. Many common workplace applications are primary targets for attacks because bad actors can also use them as gateways to secure networks, taking advantage of buggy code or system vulnerabilities to spread malware. In fact, 16 percent of surveyed organizations don’t conduct any penetration tests on their mobile applications. As more digitally savvy workplaces turn their attention to the secure implementation of IoT devices, it’s critical that they not lose sight of the applications they already use in their day-to-day operations.
A recent research report shows that applications in the Microsoft Office product suite are the most commonly exploited applications in the world. A staggering 73 percent of all cyber exploit attacks during the third quarter of 2019 were directed at MS Office applications. Browsers were the second most common target, lagging behind at 13 percent. Other applications referenced in the study include Android, Java, Adobe Flash, and PDFs.
The 73 percent attack rate is made even more startling by the fact that a whopping 83 percent of enterprises polled by Spiceworks use some version of Microsoft Office for business operations. The problem is that enterprises tend to adopt a “wait and see” approach to software, meaning they will hold on to a functioning version as long as possible to avoid incurring the cost of updating. This approach is great news for cyber attackers, who count on lapses in patching best practices that allow them to hack outdated software and applications.
Exploit attacks are not to be confused with ransomware or other viruses: exploits themselves do not contain any malware. Rather, an exploit is a program or piece of malicious code that pinpoints and leverages system vulnerabilities in an application so that bad actors can, as the name suggests, exploit them. You can think of malware as the Greeks’ Trojan horse and exploits as the soldiers who opened Troy’s gates to let it in.
How do exploit attacks actually work? The process can be broken down into two phases. During phase one, a cyber attacker will deploy an exploit kit — a large collection of various exploits — to an application. These exploit kits typically are deployed in the form of invisible landing pages. Landing on one of these pages causes the exploit kit to start scanning your system for vital information, like what operating system you’re running and what apps you’re using. This scan works to reveal security flaws, which are then reported back to the hacker.
During phase two, the hacker selects the exploit from the exploit kit that is best suited to your application’s vulnerabilities. Malicious pre-built code then essentially opens the door to the application you’re using so malware can enter and infect your system.
In the case of Microsoft Office products specifically, bad actors have developed an exploit that tricks the application into executing malicious code that’s hidden within a document as shellcode. This allows the bad actor to then take control of the entire app. If the exploit targets a user with administrative privileges, the effects of an exploit attack are even more disastrous.
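A defender can watch for the behaviour described above. The following is an added example, not part of the original article: it flags command or script interpreters whose process ancestry includes an Office application. The event format, the sample events and the two process-name lists are constructed assumptions for illustration.

```python
import csv
import io

# Constructed process-creation events (assumed export format), not real telemetry.
SAMPLE_EVENTS = r"""pid,ppid,image,cmdline
100,1,C:\Windows\explorer.exe,explorer.exe
200,100,C:\Program Files\Microsoft Office\Office14\WINWORD.EXE,WINWORD.EXE /n invoice.doc
300,200,C:\Windows\System32\cmd.exe,cmd.exe /c placeholder
400,300,C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe,powershell.exe -File placeholder.ps1
500,100,C:\Program Files\Microsoft Office\Office14\EXCEL.EXE,EXCEL.EXE budget.xlsx
600,500,C:\Program Files\Microsoft Office\Office14\EXCEL.EXE,EXCEL.EXE /automation
700,100,C:\Windows\System32\cmd.exe,cmd.exe
"""

OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
INTERPRETERS = {"cmd.exe", "powershell.exe", "wscript.exe", "cscript.exe", "mshta.exe"}

def basename(path):
    # Lower-cased file name of a Windows image path.
    return path.rsplit("\\", 1)[-1].lower()

def load_events(text):
    return {int(r["pid"]): r for r in csv.DictReader(io.StringIO(text))}

def office_ancestry(pid, events):
    """Return the chain from the nearest Office ancestor down to pid, or []."""
    chain, seen = [], set()
    while pid in events and pid not in seen:  # 'seen' guards against PID-reuse loops
        seen.add(pid)
        name = basename(events[pid]["image"])
        chain.append(name)
        if name in OFFICE_APPS and len(chain) > 1:
            return chain[::-1]
        pid = int(events[pid]["ppid"])
    return []

def find_alerts(events):
    # An interpreter launched directly or indirectly by an Office app is worth triage.
    alerts = []
    for pid, ev in sorted(events.items()):
        if basename(ev["image"]) in INTERPRETERS:
            chain = office_ancestry(pid, events)
            if chain:
                alerts.append({"pid": pid, "chain": " > ".join(chain), "cmdline": ev["cmdline"]})
    return alerts

if __name__ == "__main__":
    for alert in find_alerts(load_events(SAMPLE_EVENTS)):
        print(alert)
```

Walking the full ancestry rather than only the direct parent catches an interpreter started through an intermediate process, while an interpreter opened from the desktop shell or an Office app relaunching itself produces no alert.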
Luckily, there are a few key steps CIOs can take to prevent exploit attacks. The best thing you can do to avoid falling victim to an exploit attack is to reduce its opportunities for success, which means keeping your applications and systems updated at all times.
It’s likely that Microsoft Office is so vulnerable to exploit attacks because employees rarely update the product suite — 83 percent of users polled in 2017 were still using Office 2010. This means that despite developers having found and fixed vulnerabilities in the product, users were still operating with risky applications. Patching, a key part of lifecycle management, is your first line of defense against these known vulnerabilities. Patch management is critical to repair any holes in your applications’ or system’s security defenses, fix bugs, and improve performance.
Despite the importance of consistent patch management, many enterprises struggle to keep up. Instead of taking your chances with out-of-date software, partner with Turn-key Technologies, Inc. (TTI), an industry leader in network security solutions. Our experienced team will help you keep your enterprise safe from exploit attacks by ensuring that your software is always up-to-date. Don’t let outdated technology put your enterprise at risk — contact us for a consultation today.