Latin American companies must eradicate the use of obsolete software

Claudio Martinelli, Director for Latin America at Kaspersky.

The continued relevance of ransomware and its active role in 2022 is an issue that has occupied the front pages of newspapers around the world, but unfortunately little is said about a practice that keeps companies and institutions in Latin America especially vulnerable to this type of attack: the use of obsolete software. Kaspersky studies reveal that in the region, 47% of companies use some form of outdated technology in their IT infrastructure.

Yes, it is true: it is annoying to be working and receive the message that we must restart our computer to install an update and wait several minutes for it to finish. In fact, a recent study by Kaspersky, which is part of the “Headache” campaign, reveals that 48% of Latin American employees consider updating equipment a “routine and boring” task and therefore tend to postpone it.

The reasons they give for not performing software updates are diverse: 32% say they do not do it because they are busy at work; 24% because they don't want to stop using their device the moment they receive the update notification; and 22% say they don't want to close the app they're using. But perhaps the most revealing fact is that 68% of Latin Americans do not see any harm in postponing updates to their computers. Nothing could be further from reality.

Some companies may not realize the seriousness of the problem: Kaspersky's report “How companies can minimize the cost of a security breach” reveals that the practice of using outdated software puts companies at greater risk of financial damage in the event of a security breach, 51% more for SMBs and 77% more for enterprises, compared to those that update on time.

Although vulnerabilities are inevitable in any software, installing updates and patches on a regular basis can minimize the risks. It is for this reason that users are always advised to install the latest software versions as soon as they become available, even though updates can sometimes be complicated or time-consuming.

Installing all security updates on time is an essential principle of cybersecurity hygiene, along with the use of an anti-malware solution. It is important that this becomes a habit: if there is a patch, it should be installed without delay or protest. This should become an internal norm for IT administrators and for the company.

Also, if a vulnerability is discovered but a patch is not yet available, as in the case of zero-day vulnerabilities, the IT department should read the vendor's recommendations and apply workarounds (for example, harden or disable protocols or services). This must also be done immediately.

Another important consideration is that when a vendor offers a patch, it means that the vulnerability has been around for some time and the attackers probably knew about it before the vendor did. Therefore, when a patch is issued, organizations need to understand that the vulnerability may already have been exploited. In highly organized, targeted attacks, APT actors do not exploit known and popular vulnerabilities, but rather use new tools. So while timely updates are essential, an enterprise also needs a large-scale protection system that is capable of detecting advanced attacks, even through hidden and disparate signals.

Shadow IT, which is the use of services or technological platforms that do not have the authorization of the Systems Department, is another reason for companies to keep systems updated, because in this way they will be able to close security gaps, especially in those applications that employees installed without the organization's knowledge.

Companies and institutions in Latin America must now eradicate the use of obsolete software and make updating equipment a constant practice, familiar and common to all employees. Not doing so is like having the company's cybersecurity chain tied together with a nylon tie, that is, having a vulnerable link that will make it easier for cybercriminals to enter.
