[maxmegamenu location=max_mega_menu_1]

Heartbleed, Ticketbleed… When Network Infrastructure Security Lets us Down

By Chris Heller • February 15, 2017

When securing enterprise systems every PeopleSoft customer knows they need strong passwords and secure networks. A good firewall is a critical first line of defense. But is your firewall as secure as you think? Ticketbleed, the latest network infrastructure vulnerability, was all over the news today. A quick internet search will turn up several valuable responses, but just for context, Ticketbleed, reminiscent of Heartbleed, is a vulnerability in the SSL/TLS layer of a wide variety of F5 firewalls and load balancers. Today’s news reminds us that even the best network and security infrastructure is vulnerable to compromise. Ticketbleed, Heartbleed, and other vulnerabilities make it very clear: network security infrastructure is not enough.

Assuming a bad actor breaches your network security infrastructure, that actor still has to authenticate, right? Maybe. Remember the days of distributed computing where a hacker might use idle capacity of many computers to attempt to brute-force crack a password? Today there is a much easier way: targeted spear phishing. Through deceptive, socially engineered e-mails, today’s attacker can actually coerce unsuspecting professionals into giving up their credentials. JP Morgan Chase, eBay, Target, Ubiquity, Anthem (Blue Cross), and Sony all trace significant, highly publicized breaches to spear phishing attacks. Kaspersky Labs has traced over a billion dollars in international bank losses to highly sophisticated spear phishing attacks.

If you are following this scenario, the bad actor now has access to your enterprise system through a security vulnerability in your network infrastructure and has acquired the credentials of a highly privileged or highly compensated individual. What next? The attacker just “Hit pay dirt.” It is time to log in and start stealing. An educated PeopleSoft attacker is going to hit one (or all) of the following places:

  • Direct deposit: change bank account information to an off-shore account to steal the next payroll,
  • Personal data > Additional information: this page contains enough personally identifiable information (PII) to steal a compromised user’s identity,
  • HR back-office employee personal information pages: harvest PII,
  • Query: one-stop shopping – all PeopleSoft PII in one location.

Step 1: gain access to the system. Step 2: obtain credentials. That should be enough security, shouldn’t it? It is not. Every day we read about another big-name breach. What is the solution? A product that adds multiple layers of security inside your ERP system:

  • Data masking to prevent harvesting information that users don’t necessarily need to see,
  • Click-to-view masking that logs attempts to access privileged information,
  • Location-based menu pruning to ensure external users won’t have access to back-office, high privileged information,
  • Two-factor authentication to confirm the identity of a user attempting to access or change privileged information.

GreyHeller’s ERP Firewall offers all of these benefits and more. Without making a single modification to your PeopleSoft system, you will obtain piece of mind knowing that your data, your money, and more importantly, your people are safe from cyber threats. Today’s network infrastructure and authentication mechanisms may not be strong enough to keep all the bad actors out of your ERP house, but with a product like GreyHeller’s ERP Firewall, you can choose what a bad actor sees upon gaining entry.

Ensure your organization is in the most secure position possible by scheduling your assessment with GreyHeller today.

Put the Appsian Security Platform to the Test

Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives