Introduction to Patching Systems
You might occasionally wonder why your computer nags you so frequently to update the software running on it. The answer, really, is quite simple. Software, and the hardware it runs on, is designed and created by (teams of) human beings. And we, as humans, are not infallible, so why would the things we create be any different?
Large corporations work hard to locate and patch vulnerabilities in their software quickly to ensure their products are safe and stable. Similarly, bad actors work to locate and exploit vulnerabilities for their own gain.
Common Vulnerabilities and Exposures (CVEs) are published almost daily and recorded in publicly accessible databases. At the time of writing this article, a CVE register maintained by mitre.org is available for download from their website as a CSV file, at an astounding 116 MB in size. And that doesn’t include the vulnerabilities published by the other CVE Numbering Authorities listed here.
Patches aren’t only released to remediate vulnerabilities; they’re also created to:
allow integration with other products and services.
Think of patches as maintenance, in the same way you service your car or motorcycle at regular intervals or, with your clothes, “a stitch in time saves nine”.
“By patching your system(s) you’re proactively working to stop your environment from breaking, or stitching up holes.”
Patching & Cyber Security
Most cyber attacks are orchestrated using software and hardware vulnerabilities found in CVE databases, and most of these attacks are preventable with patches or software upgrades. Such cyber attacks include, but aren’t limited to:
Read our tech blog about how Ragnar Locker runs on an infected machine completely undetected by antivirus and encrypts files on local and network drives.
Data breaches can come about from a number of different attack vectors. But while on the subject of ransomware: Nefilim is ransomware that uploads data to the dark web when payment isn’t made before a deadline.
Both types of cyber attack result in loss of control of data, but a data breach can have serious implications for a business.
Under the Notifiable Data Breach Scheme 2018, an organisation or agency that must comply with Australian privacy law has to notify both the Office of the Australian Information Commissioner (OAIC) and anyone affected if the breach is likely to cause serious harm. Failure to comply with this regulation can attract serious penalties.
On the 19th June 2020 the Australian Prime Minister, Minister for Home Affairs and Minister for Defence released a media statement outlining three steps to significantly improve cyber security:
Patch your internet facing devices promptly – ensuring any web or email servers are fully updated with the latest software.
Ensure you use multifactor authentication to secure your internet accessible infrastructure and cloud-based platforms.
Become an ACSC partner to ensure you get the latest cyber threat advice so you can take the earliest possible action to protect yourself online.
While this media release only suggests patching “internet facing devices”, we would suggest patching more widely, because once an internet facing device is compromised, any devices within your network that are accessible from that compromised device are also, potentially, compromised.
Read about what a Security Operation Centre is and how Diverse Services can centrally monitor and proactively manage your IT Security.