Computerware Blog
These 4 Aging Internet Protocols Are Growing Increasingly Vulnerable to Hacks
When the Internet was first introduced, malware and hacking weren’t nearly as dangerous as they are in the present moment. Due to the unforeseen growth of criminal activity, the Internet wasn’t designed with advanced security practices put into place. Instead, it has grown to adapt to issues as they arrive, similar to the way an animal adapts to the changes in their environment over time. But sometimes, as time goes on, the environment changes too fast for its inhabitants to adapt.
According to InfoWorld, this is what has happened to the Internet and its security protocols. The threats found on the Internet have grown increasingly powerful over the years, and have begun to outstrip the security measures taken by it. While these protocols have been fixed routinely year after year, they might be growing obsolete in the near future.
BGP (Border Gateway Protocol)
BGP is one of the most widely used protocols in modern technology. Most Internet routers use it to transfer information over different networks. It’s a staple protocol, meaning that it’s been around since the Internet was first implemented. Therefore, it’s vital to the proper operation of the World Wide Web. It hasn’t changed much since it was created, and is susceptible to malicious activity. These type of attacks are orchestrated when a hacker makes a device route the network traffic to somewhere other than its destination; like, for instance, a malicious website. Attacks like these have happened before, and they will continue until a new kind of protocol is created to replace BGP.
SMTP (Simple Mail Transfer Protocol)
The modern business knows painfully well that their organization requires an email service. SMTP is what email clients rely on to distribute mail across the Internet. Like BGP, SMTP has been around since the beginning of the Internet. As you can imagine, SMTP wasn’t designed to handle the present-day vulnerabilities and threats. There are some fixes available for this, but the security of your email practices is largely dependent on upkeep from your network administrator or IT department.
DNS (Domain Name System)
Here’s one you might be more familiar with. DNS is the protocol which connects your website’s IP address to a domain name. As shown by the Iranian Cyber Army in 2009 (which was practically a different technology age itself), malicious entities can redirect traffic to a particular website, like to another page. In other words, the website itself wasn’t compromised; just redirected to another site, bringing any sort of activity on it to a halt. This is what an experienced hacker can do with DNS. Some fixes have been brought to light, but they generally affect the overall performance of the DNS server itself, which doesn’t really help much. A more viable fix is still in the works.
SSL (Secure Sockets Layer)
This is another protocol which might sound familiar, especially if you deal with your website consistently. SSL is an encryption protocol used by websites to keep the data transfer private for any ingoing or outgoing information. Unfortunately for web users, SSL hasn’t received an upgrade since 1996, so it’s quickly becoming obsolete, as seen by last year’s POODLE vulnerabilities. The world’s most popular browsers are looking to eliminate SSL completely from their supported protocol, since it already has a valid replacement (TLS, Transport Layer Security). So, it would seem that SSL is just about done in, as it should be.
With all of the threats running around the Internet, it’s important that you make sure your business’s security standards are as sound as possible. For those who want the most comprehensive security solution for their company’s network, Computerware offers the Unified Threat Management solution (UTM). Complete with a firewall, antivirus, spam blocking, and content filtering solution, the UTM is designed to keep threats away from your system and remediate issues before they cause damage. For more information about how Computerware can improve your online experience and operations, give us a call at (703) 821-8200.
Comments