Old routers never die. They just get hacked by the Chinese. U.S. officials recently revealed a concerning cyber operation reportedly involving Chinese actors, targeting outdated home and office Wi-Fi routers in the United States. This operation aimed to exploit vulnerabilities in these devices to potentially disrupt critical infrastructure like electrical and water supplies. Most of the infected routers were out-of-date Cisco and NetGear machines that no longer received security updates. The incident highlights the importance of cybersecurity measures and keeping devices updated, especially for those connected to critical systems. Read more here.
The FBI “counter-hacked” the routers in question and removed the malware, known as Volt Typhoon.
The importance of asset management in IT/GRC. The Chinese attack on out-of-date equipment should serve as a “wake up call” for American enterprises. While this hack primarily impacted home and small business devices, there is no reason to believe that hackers would not try the same attack on enterprise devices. Enterprises across all sectors must recognize the importance of tracking all computing equipment in use — laptops, tablets, and phones included — and be able to identify equipment that is at end-of-life (going out of support in the near future). By proactively managing their IT assets within a GRC framework, organizations can significantly reduce their vulnerability to cyberattacks and safeguard their infrastructure.
Principles of asset management in IT/GRC. Effective IT governance and risk management rely heavily on strong IT asset management practices. It involves maintaining an inventory of an organization’s IT assets, including hardware, software, and data, and understanding their function within the business processes. This understanding is crucial for several reasons:
- Security: Precise knowledge of your IT assets and their potential vulnerabilities forms the bedrock for strategic security implementation. In the case of the malware-infected SOHO (Small Office Home Office) routers, having an accurate asset inventory could have significantly expedited the identification of compromised devices and facilities a more streamlined remediation process.
- Compliance: Many regulatory frameworks across industries mandate that businesses maintain inventories of their IT assets and implement robust security measures. Effective IT asset management (ITAM) practices facilitate smooth compliance with these regulations, minimizing the risk of legal repercussions.
- Risk Management: Effective risk management relies heavily on understanding and classifying your IT assets based on their business criticality. This approach enables organizations to prioritize security measures strategically, focusing on assets with the highest potential impact if compromised. Threat and vulnerability management, patch management, and incident management should be integrated under one operating model.
- Efficiency: Understanding what assets are present within your network can lead to more efficient use of resources. By leveraging asset management practices, organizations can identify and address redundancies or underutilized assets, saving on maintenance costs and reducing the attack surface.
In the context of the hack described, effective asset management would have enabled faster detection and remediation of the malware, potentially limiting its impact. By knowing exactly which routers were affected, the response could be more targeted, and the necessary updates or fixes could be applied more efficiently. Furthermore, ongoing asset management practices would help in quickly identifying any future threats or vulnerabilities, thereby enhancing the overall security posture of the organization.
Infinitive brings extensive experience and specialized expertise to the field of IT/GRC. Our team of consultants have worked with leading organizations across industries, including major banks, media companies, and healthcare providers, to design, develop, and implement a full suite of IT/GRC controls, processes, and systems.
To contact Infinitive please fill out this form or call 703-554-5500.
Learn more about our IT/GRC Solutions here.