The Time Has Come to Secure the Lower Levels

Dror Liwer Blog

All People Seem To Need Delicious Pizza. Well, that’s one way to remember the Application, Presentation, Session, Transport, Network, Data link and Physical layers that make up the OSI Model.

Unfortunately, many organizations seem to be fixated on the upper layers of the OSI Model, while forgetting the lower layers are just as critical. The upper layers — application, presentation, session — focus on interacting with the user and implementing applications that run on a network. The lower layers — transport, network, data link and physical — deal with the formatting, encoding and transmission of data over the network.

Without a doubt, there are serious threats to the upper layers. BEAST, CRIME, BREACH, Heartbleed, POODLE, FREAK, Logjam, and DROWN are just some examples of security vulnerabilities that organizations have been preoccupied with.

Nefarious names aside, these designations for vulnerabilities on SSL and TLS illustrate the past, present, and future state of security at the application layer. From SSLv2 through TLS 1.1, we have seen new standards rise and fall over the last decade because hackers are constantly finding weak spots. With these vulnerabilities seemingly popping up each week, security teams haven’t had the time to focus on the protection of the lower levels.

But security teams can no longer afford to have tunnel vision with authentication, fraud and malware. Consider how ransomware – commjackers and hackers tricking users and their devices so they can install malware – is growing and begging for attention. Industry professionals will need to open their eyes to wireless vulnerabilities before their mobile workforce brings the mirage of security crashing down.

Don’t Risk Commjackers Eating Your Pizza

Commjackers are sneaky, whether sitting next to your employees in an airport lounge or preying from afar, they know the weaknesses of wireless technology and use it to gain access to sensitive information.

Businesses must realize that while their employees use mobile devices to access the business network,  the network itself is still vulnerable to commjacking even if there is a security design in place. [Tweet “Protecting data in transit through the use of key exchange and encryption is continuously becoming harder.”]

The cat-and-mouse game between attackers and security researchers seems never-ending. With the availability of cheap commodity hardware, attacks against unsecured WiFi and mobile networks are on the rise. Hardware designed for penetration testing and vulnerability detection is available at a slight premium, but still incredibly affordable price.

Many organizations are intensely focused on updating antivirus definitions and educating their user base about phishing emails (not to mention mitigating Java and Flash exploits). They do not even consider the very real threat of commjacking, or may lack the resources to do so.

Coronet Knows Commjacking and lower level security protection

The security industry has been so preoccupied with the upper layers that it is just getting around to recognizing the issue of commjacking. While there are some security options available, companies will find costly hardware-only based solutions. Coronet has changed the landscape by providing the only cloud based software solution, saving companies time and money.

Coronet converts any device into a network threat sensor, which enables real time detection and evasion of commjackers. The need for this type of insight is growing, as 37% of respondents in an EY study reported they had no real-time visibility on cyber attacks.

Don’t get caught up in upper-layer tunnel vision. It’s time to cloak your devices from the war-driving commjackers before it’s too late.