The “I Would update it Later” Virus
The “I would update later” virus is one of the most common infections, and it is 100% preventable. The most effective attack vector takes effect from humans. Social engineering, weak password, and not updating/upgrading your systems are the top three vulnerabilities introduced by the weakest link in the security chain (Us the humans).
Today we will concentrate on one of the three, updating/upgrading. Applications, operating systems, or devices have flaws, and these usually are not identified until the product is in use. These flaws are called vulnerabilities, and it creates holes in your wall of protection.
I will use two analogies (a home and a ship) to break it down in a very simplistic way. Your home has walls protecting the inside from the risks outside. Like your systems, your home has many ways to access the interior of the house, (Windows, chimney, vents, etc.)
After time passes, the windows seal starts to crack (vulnerability). While the damage on the window is not fixed, A water leak (the risk) could destroy your floors, interior walls, and electronics. That non-fixed crack is a vulnerability that introduces the risk of expensive repairs from water damage inside your home.
A crack into your security boundary is all an intruder needs to take over your network. The internet is like a big body of water, and your network is one of the ships traveling on it. While your vessel is sealed properly, no water can sip inside.
All that can change as soon as someone in the ship allows the water inside; by mistakenly making a hole (clicking on the wrong link) or by not patching a crack when found (ignoring a disclosed vulnerability fix).
Vulnerabilities are holes in the software, firmware, or hardware. Therefore, patching those holes is the only way to get rid of them.
Yes I know, updates/upgrades can sometimes create other smaller holes in the ship. That is the risk we need to accept as the captain, with the understanding that the original patch covered a bigger hole that could sink the ship faster and without the chance to recover.
As mentioned at the beginning of this post, the “I will update later” virus is 100% preventable. Just click update or upgrade “Now.”
