Are Cisco Products Really Safe? What is Vulnerable?
In the wake of the recent Heartbleed security scares, it can be difficult to keep track of all the potential security risks along with how they might affect you. Several companies have already issued statements to customers to let them know that the vulnerability has been patched and what they can do to ensure their personal data remains un-compromised.
Others, such as Cisco, discovered that the exploit affects their hardware as well as their website which can be a much more difficult problem to solve as it requires each of the individual devices to be updated on their own. Cisco published a list of vulnerable devices, but by their own admission, they have not finished analyzing all of their equipment yet. Here are some of their more popular devices and how their vulnerability might affect you:
Routers - A router is a devices that controls the transfer of data between two or more computers. It receives data from one device and then routes it to its intended destination. It functions like an air traffic controller, directing information along it’s appropriate path. The Cisco routers that are vulnerable could allow outside access to your entire network. Your security is only as strong as your weakest link, and as a router is sort of a hub for all inter computer communication it could expose private data or security keys that are used during the transfer process.
Switches - A network switch is a device to physically connect a network of computers. Different than a hub, which broadcasts the information to be transferred across all ports, the switch is able to specifically identify each machine on the network and send data only from one specific machine to another specific machine. A hacker who gained access to the switch would not even need to be physically connected as he could gain entry via any of the computers connected to it. It would require a second vulnerable point, however, which does reduce its threat to your system’s security somewhat. Once hacked it would provide access to all networked devices and their specific identification information, along with any data being transferred between any attached device.
Access Points - An access point is generally wireless and connects via hardwire to an existing network while allowing other devices to connect to the same network using a wireless connection. All WiFi setups use an access point to give users access to the Internet. While convenient, it relies on encryption technology to restrict outside access to a network. The vulnerability could allow any hacker within physical range to enter the network and gain access to the entire network of connected devices. It would allow access to all data being transferred, as well as potentially any data stored on any connected devices as well, depending on their own individual security.
Firewalls - A firewall is essentially a software or hardware based security barrier made up of rules that decides how to handle all incoming and outgoing traffic between a secured and unsecured network, such as the Internet. It is essentially the equivalent of putting up a moat that forces all traffic to be considered and approved before being allowed to pass through the wall. Recently, it was revealed that the NSA has what is essentially a permanent backdoor into Cisco firewalls. All Cisco hardware must legally allow for the potential need for wiretapping and certain conditions are integrated into the internal software of a device, though most are never used. Though it seems that as long as these systems are in place, the NSA can upload and update their particular exploit allowing access through a normally impassible firewall.
Overall, whether you are exposed or not depends on which specific Cisco devices your company has. Some of them are not vulnerable at all to the Heartbleed exploit while others are until they are patched. Cisco may simply offer a replacement for your current device, or you may want to consider seeking alternatives in the meantime if none of the current solutions suit your needs.
Camille McClane is a writer, researcher and editor, who frequently blogs about about Cisco training and other computer repair-related subjects. Her favorite subject to focus on is emerging technology trends and its overall effect within business expansion and relations. She hopes the readers of eHacking.net enjoy this article as much as she enjoyed writing it.
Image Source
Image Source