educate staff Archives

Default Passwords Cause Havoc for Juniper Routers

business router, default passwords, educate staff, Jupiter, Mirai botnet, monitor network, multi factor authentication, routerbusiness router, default passwords, educate staff, Jupiter, Mirai botnet, monitor network, multi-factor authentification, routersOphtek, LLC

Jan 2025

Strong passwords are vital to cybersecurity. A recent botnet attack highlights the serious risks of relying on default passwords instead of secure alternatives.

The Mirai malware, first detected in 2016, has been behind numerous botnet attacks in the past and has been very busy recently. A botnet attack gives a threat actor control over a large number of compromised PCs, allowing the threat actor to combine these infected PCs into a formidable strike force. These attacks often involve data theft, cryptojacking, brute force attacks, and phishing campaigns.

This latest attack was enabled by the presence of default passwords on routers manufactured by Juniper Networks. Default passwords are used on many devices, so it’s important to understand the mechanics behind this attack.

Mirai Starts Infecting Routers

The exploitation of Juniper routers began in mid-December. Customers accessing the internet with Juniper Session Smart routers began to notice unusual behavior with them. The Mirai malware was seen to be scanning specifically for these routers. Once this model of router was found, Mirai proceeded to compromise the router before utilizing it in a distributed-denial-of-service (DDoS) attack.

But what was unique about the Session Smart router? Why was Mirai singling this router out? Well, the answer proved to be simple: it was a router known to ship with a default password. Therefore, a threat actor could easily take control of the router if its password hadn’t been changed. Scan enough Session Smart routers and, eventually, one will be found with the default password still in place.

The main impact of a DDoS attack is a slowdown in PC performance, as all the PC’s resources are being directed into the attack. For a business, this is troubling as the majority of their PCs are likely to be dependent on similar routers. This means that this slowdown in productivity could have a major impact on a business’ performance.

Don’t Fall Victim to Default Passwords

Users of Session Smart routers have been advised to change their password from the default version to a unique and strong one. This is the best advice you can give when it comes to default passwords. Leaving them in place is simply inviting threat actors into your networks. However, there are further measures you can take to secure your devices:

Educate Users About Risks: Train your employees to understand the dangers of default passwords. Make sure they understand what is and isn’t a secure password, helping to build a culture of cybersecurity awareness.
Use Multifactor Authentication: The beauty of multifactor authentication is that it adds an extra layer of security to your defenses. Therefore, even if one of your passwords is compromised, additional authentication is required to access your devices and networks.
Monitor for Default Password Usage: It’s difficult to monitor every device and verify the status of its password, but you can get help with this. Many security tools – such as Kaspersky Industrial CyberSecurity for Networks – can scan devices connected to a network and determine if a default password is being used.

For more ways to secure and optimize your business technology, contact your local IT professionals.

One of the recent developments in hacking has been the Bring Your Own Vulnerable Driver (BYOVD) attack, but what is it and how do you defend against one?

By now, the Ophtek blog should have informed you about ransomware, trojans, and cryptojacking, but we’ve rarely mentioned the dangers of a BYOVD attack. In the past, BYOVD attacks were mostly carried out by only the most sophisticated threat actors, but they’re now becoming increasingly popular with even basic bedroom hackers. Therefore, today is the day we remedy this and provide you with a fully comprehensive look at BYOVD attacks and how you can stay safe.

The Role of Drivers within Your PC

Before we dig deep down into the mechanics of a BYOVD attack, it’s important that you understand what’s at the heart of their malicious activities: drivers. You’ve no doubt heard of drivers in passing, but it’s only the most die-hard PC user who would fully understand what they do. Their main role is as a file used to support software applications. They work by acting as a bridge between an operating system and a device e.g. between Windows and a graphics card.

Without drivers, your PC simply wouldn’t work. From your display through to your speakers and printer, there would be no way for your operating system to communicate with these devices. This makes drivers a crucial part of any PC, but it also means they’re ripe for cyberattacks.

Breaking Down a BYOVD Attack

We’re all aware of software vulnerabilities, and a BYOVD is a unique take on this method of hacking. In a BYOVD attack, threat actors will trick their victims into downloading outdated, vulnerable drivers onto their PC. This could be through phishing emails or pop-up adverts, with the main objective of getting these unsafe drivers downloaded onto a PC along with a nasty dose of malware. With these vulnerable drivers in place, threat actors can take control of the infected PC.

BYOVD attacks are dangerous for the following reasons:

Data Theft: With BYOVD attacks capable of bypassing your security software, they not only have easy access to all your data but can effortlessly transmit it to remote servers.
Install Further Malware: IT systems with vulnerabilities exploited are at risk of having further malware installed on them. So, for example, a threat actor could first gain access to your system before downloading further malware to facilitate DDoS attacks or support cryptojacking.
Damage Your Productivity: A BYOVD attack can quickly render your IT systems unusable due to the capabilities of drivers. By exploiting the deep access and reach drivers have, threat actors have the opportunity to disable network components, corrupt system files, and damage hardware.

You can find out more specifics of the impact of a BYOVD attack by checking out our article on the EDRKillShifter malware.

Protecting Your IT Systems from BYOVD Attacks

You may have been unfamiliar with BYOVD attacks, but you should now have a basic understanding of how they operate. The next step is to protect yourself by implementing these security practices:

Driver Whitelisting: this is a method whereby only authorized system users have the privileges to install drivers on your IT infrastructure. Even then, the use of Windows Defender Application Control should also be utilized to ensure that only pre-approved, digitally signed drivers can be installed.
Regular Updates: one of the simplest ways to protect against BYOVD attacks is by installing all updates and patches as soon as possible. Automating these updates allows you to guarantee that you have the freshest, most secure drivers on your system at all times.
Employee Education: BYOVD attacks are often distributed by phishing attacks, so it’s useful to educate, and regularly refresh, your employees on the telltale signs of a phishing attack. This could prove invaluable as your employees are your most important defense against cyberattacks.

For more ways to secure and optimize your business technology, contact your local IT professionals.

5 Ways to Optimize Your IT Budget

automation, cloud computing, educate staff, evaluate spending, IT budget, IT Support, Ophtekautomation, cloud computing, educate staff, evaluate spending, IT budget, it support, OphtekOphtek, LLC

Sep 2024

Managing your IT budget is crucial in today’s fast paced business environment. A fter all, technology is becoming more important, but also expensive.

An IT budget allows you to plan your IT expenses for the year ahead, so it needs to be planned carefully. Every cent counts and you want to be able to optimize your IT budget to remain efficient and competitive. This may sound simple, but it presents a major headache for almost every business. You need to determine exactly where you can save money in your budget and which areas need prioritizing for investment. It’s a difficult balancing act, but if you can get it right, you’re guaranteed an effective IT infrastructure.

Optimizing Your IT Budget

To help you get started with optimizing your IT budget, we’re going to share 5 simple ways you can get the most bang for your buck:

Evaluate Existing IT Spending: Over time, your use of IT technology will change, and this often leads to unnecessary spending or a lack of investment in vital services. Therefore, you need to assess your current expenses and focus on the costs which directly impact your day-to-day operations. This will allow you to identify areas where you can make savings e.g. using open-source software such as Google Docs or OpenOffice instead of the subscription-based Microsoft Office.
Embrace Automation: The future of business is automation, and this is never more true than when it comes to IT. By streamlining repetitive tasks, you can reduce manual workloads and reduce your labor costs. A good example of this comes in the form of network monitoring software, this can be used to keep a continuous eye on the traffic flowing in and out of your infrastructure. Anything suspicious can be immediately flagged, and this saves you having to manually monitor your network activity. While there will be an initial outlay in automation software, the long-term savings will greatly enhance your IT budget.
Invest in Cloud Computing: Flexibility is an important part of any budget and cloud computing is the perfect example of this in IT. Using cloud services ensures that your organization only pays for what it uses e.g. a specific amount of storage space for your backups. Cloud computing also reduces the need for physical equipment on your premises and comes complete with minimal maintenance costs. The combined benefits of cloud computing, especially when provided by a single supplier, will quickly streamline your costs.
Optimize IT Support: Rather than handling IT support yourself, why not consider outsourcing this duty to a specialized provider? This minimizes your spending on in-house IT staff and enables you to benefit from remote support services. External providers will be more than capable of maintaining your IT infrastructure and, due to their experience across multiple clients, their expertise will be more varied than in-house staff who primarily work with the same systems every day.
Educate Your Staff: Incorrect usage of your IT resources by staff can quickly generate outgoing costs, so it pays to be mindful of this. So, make sure your staff are regularly trained to use IT equipment correctly and efficiently e.g. only printing in color when necessary. It’s also important that your IT and finance teams are in regular contact with each other to monitor IT spending, so ensure catch-up meetings are scheduled to keep everyone on the same page.

For more ways to secure and optimize your business technology, c ontact your local IT professionals.

Category Archives: educate staff