Have you seen some of the cool things that hackers can do? I remember a few years back when they created the BlueSniper Rifle, a device that could allow picking up a Bluetooth signal from up to a mile away. That is pretty impressive for a technology that was meant to be used at a distance of just a few meters. This is just one example of how hackers have found ways to bypass the limits of a technology.
Some of these things you may have never heard of, whereas some are picked up by the media and become the latest and greatest buzzwords. You may hear terms like "APT" or "sophisticated" used to describe breaches that have occurred. The reality is that there is a lot of hype that surrounds low-probability issues. Am I worried someone may try to intercept my Bluetooth from a mile away? No. Could it happen? Possibly, but it is unlikely.
We need to make sure that we are focusing on the fundamentals that have been preached for so many years. If we can’t get the basics right, attackers have no need to put effort into advanced attacks.
Do you currently have a patching policy that is implemented and a program that is functional?
Are your firewalls properly maintained and monitored?
Do you have secure coding policies and procedures, and are the developers held to them?
Is QA trained on security testing techniques to look for at least the low-hanging fruit?
Are your users trained on social engineering, and do they understand what to do when they feel as though they are the target of an attack?
While this is a small list, these items are often overlooked in companies. If you look at many of the breaches that have been in the news recently, we see more social engineering attacks than we do attacks from a BlueSniper Rifle. Most of the attacks we see are not sophisticated and rely on weak controls or insecure configurations.
When maturing your security program, it is important to focus on the tasks that are most relevant to your business and situation. Many of the fundamentals cross industry boundaries, while some do not. As developers, we may have different secure coding policies based on the language/frameworks we use. For administrators, maybe it is our topology/technology in use that guides us. In either case, we need to keep our focus on building a base foundation before we start getting caught up in the glitz and glamour of some of these edge-case scenarios.
It is cool to say you are protected from a Bluetooth sniper rifle from a mile away, but not cool to fall victim because you have default passwords. It is the latter that is more important in most cases.
These edge cases can be really cool and interesting, but take a moment to determine whether they really affect you and your situation before diving in headfirst to try to find a solution.