You are here

How to mitigate against your IT monitoring software being hacked

Network Monitoring Hack

With the news breaking over the weekend of a large hack in the IT network monitoring world, we asked Rob May, VP of Engineering and Information Security at Opsview, for his thoughts:

"It's only suspected at this stage that the hack experienced by the SolarWinds Orion product is that of a nation state attack. These have been a growing threat for years, you only need to look back at WannaCry back in 2017 to see the wide hitting impact that these attacks can have on organizations and their customers.

"Malware enumerates accounts and systems when it infects a machine, so spreading to servers is expected. Servers are more consistently available on the network than workstations and infected systems need to be powered down quickly to mitigate the effect of the attack. Then you need to identify all backups and have them removed from the networks so the backups themselves don't get encrypted. Internal education continues to be the biggest protection against third party attacks. Phishing and other social engineering emails are one of the most common ways to gain access to internal systems so training staff not to click on unknown or malicious emails remains imperative.

"Another key point is to ensure that you are operating the latest product versions. All software vendors constantly run vulnerability scans and patch any vulnerabilities that are identified. If you are on an out-of-date version, there's a possibility you may have a security risk. In addition to performing vulnerability scans, most vendors will have penetration testing for new code. This is undertaken by an accredited third party. Opsview's penetration testing conforms to NCSC CHECK standard. Some engineering teams will also have peer review of code commits, another set of eyes for additional security. At Opsview, our engineering is on shore, we do not outsource our software development to third parties." 

If you're concerned about your current IT monitoring software, talk to your vendor or you can contact Opsview at sales@opsview.com.

Get unified insight into your IT operations with Opsview

More like this

Systems Fail
Blog
By Megan Woodhall, Marketing Assistant

Here are three reasons why sysadmins should implement 'Read Only Fridays' and avoid making large-scale changes at the end of the week. 

Nagios vs the competion
Blog
By Megan Woodhall, Marketing Assistant

If you're a dissatisfied Nagios user who is ready to make the switch to Opsview, here is a guide on how to execute a migration that will result in...

Automation
Blog
By Nathan Garbacz, Solutions Architect

DevOps is about accelerating delivery of new products and services at scale, reliably and affordably. Doing this requires comprehensive IT ...