Secure your Remote Access Software
Remote Access Software has many advantages, but it also opens up vulnerabilities for your networks if proper safeguards are not put in place.
Remote Access Software (RAS) encompasses various applications that allow network administrators, maintenance engineers, help-desk staff, as well as countless others to efficiently manage and troubleshoot IT and OT networks without the burden and expense of travel to get to site. This allows one or a few skilled individuals to provide support for multiple locations, regardless of the distance between these locations.
Given the fact that this software is frequently used by these individuals, it rarely triggers any of the network security tools that the organization has in place. A network breach via remote software does not require a high level of skill by the threat actor (any person or organization that intentionally causes harm in the digital sphere) since no complicated code or additional software applications are used. If the actor can breach the computer that is accessing the network remotely, it is likely that firewall controls and policies which are in place will not even detect his or her presence.
The “Guide to Securing Remote Access Software” was developed by the US Cybersecurity and Infrastructure Security Agency (CISA) in response to foreign countries’ attempts to breach US networks based on these tactics. Some of the remote access applications that the Guide mentions that threat actors may leverage are:
|
|
Remote access software geared toward OT networks includes, among others, the following:
|
|
The Guide references many steps that should be taken by organizations to guard against potential breaches of this nature, as well as remediation techniques if a breach is identified.