We’re seeing a lot of this. Previously ignored ‘shadow IT’ devices, stuff that’s been off the network for a while, and ‘temporary’ development platforms that somehow become production without going through the threat modelling/threat mitigation process. They all represent low-hanging fruit for attackers. We’ve been working with Axonius on a program to identify all assets that connect to your network so you can see what needs fixing and take appropriate action…:
[…] Unpatched devices open doors for malicious actors, especially in decentralized IT networks. More than half of survey respondents – 54 percent – say that employees and teams adding solutions and environments (i.e. cloud environments) without permission is the biggest challenge in maintaining control of the IT environment.
However, even if remote unprotected endpoints are identified, they may be left unfixed due to the considerable bandwidth and time required to connect them via VPN to a centralized patch management solution.
By allowing such vulnerabilities to persist, enterprises are exposing their networks to a greater risk of exploitation and privacy breaches. These risks will likely escalate as stay-at-home orders extend in scope and duration.