Are Cisco Products Really Safe? What is Vulnerable?

In the wake of the recent Heartbleed security scares, it can be
difficult to keep track of all the potential security risks along with how they
might affect you. Several companies have already issued statements to customers
to let them know that the vulnerability has been patched and what they can do
to ensure their personal data remains un-compromised.

Others, such as Cisco, discovered that the exploit affects
their hardware as well as their website which can be a much more difficult
problem to solve as it requires each of the individual devices to be updated on
their own. Cisco published a list of vulnerable devices, but by
their own admission, they have not finished analyzing all of their equipment
yet. Here are some of their more popular devices and how their vulnerability
might affect you:
Routers – A router
is a devices that controls the transfer of data between two or more computers. It
receives data from one device and then routes it to its intended destination.
It functions like an air traffic controller, directing information along it’s
appropriate path. The Cisco routers that are vulnerable could allow outside
access to your entire network. Your security is only as strong as your weakest
link, and as a router is sort of a hub for all inter computer communication it
could expose private data or security keys that are used during the transfer
Switches – A network
switch is a device to physically connect a network of computers. Different than
a hub, which broadcasts the information to be transferred across all ports, the
switch is able to specifically identify each machine on the network and send
data only from one specific machine to another specific machine. A hacker who
gained access to the switch would not even need to be physically connected as
he could gain entry via any of the computers connected to it. It would require
a second vulnerable point, however, which does reduce its threat to your
system’s security somewhat. Once hacked it would provide access to all
networked devices and their specific identification information, along with any
data being transferred between any attached device.
Access Points – An
access point is generally wireless and connects via hardwire to an existing
network while allowing other devices to connect to the same network using a
wireless connection. All WiFi setups use an access point to give users access
to the Internet. While convenient, it relies on encryption technology to
restrict outside access to a network. The vulnerability could allow any hacker
within physical range to enter the network and gain access to the entire
network of connected devices. It would allow access to all data being
transferred, as well as potentially any data stored on any connected devices as
well, depending on their own individual security.
Firewalls –  A firewall is essentially a software or
hardware based security barrier made up of rules that decides how to handle all
incoming and outgoing traffic between a secured and unsecured network, such as
the Internet. It is essentially the equivalent of putting up a moat that forces
all traffic to be considered and approved before being allowed to pass through
the wall. Recently, it was revealed that the NSA has what is essentially a permanent backdoor into Cisco firewalls. All
Cisco hardware must legally allow for the potential need for wiretapping and
certain conditions are integrated into the internal software of a device,
though most are never used. Though it seems that as long as these systems are
in place, the NSA can upload and update their particular exploit allowing
access through a normally impassible firewall.
Overall, whether you are exposed or not depends on which
specific Cisco devices your company has. Some of them are not vulnerable at all
to the Heartbleed exploit while others are until they are patched. Cisco may
simply offer a replacement for your current device, or you may want to consider
seeking alternatives in the meantime if none of the current solutions suit your
Camille McClane is a
writer, researcher and editor, who frequently blogs about about Cisco training
and other computer repair-related subjects. Her favorite subject to focus on is emerging technology
trends and its overall effect within business expansion and relations. She
hopes the readers of eHacking.net enjoy this article as much as she enjoyed
writing it.

Image Source
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...

Everything You Must Know About IT/OT Convergence

What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...

Understand the OT Security and Its Importance

This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...