IT review 2021: IT security, zero-day and Hafnium
In our series "IT Review 2021", we look at the most interesting and dangerous IT security vulnerabilities of the past year; today: zero-day and Hafnium. 2021 was not a good year for IT security and showed once again that IT security must be treated as a continuous process. Defenses against attackers must be refreshed constantly, otherwise they decay like the wall of an old, unmanned castle.
The nightmare par excellence: zero-day and IT security
Software manufacturers usually react very quickly to known security vulnerabilities, or have already identified the problem themselves. A corresponding patch closes the security gap and the program can continue to be used for the time being. For this very reason it is important to run modern IT systems and to keep them up to date. Continuous improvement is the key to the stable and secure operation of IT systems.
A massive problem arises, however, from a so-called "zero-day". The term refers to the fact that the exploited vulnerability has been known for zero days, at least to the manufacturer and the public. There is therefore no patch and no workaround to close the gap: it was simply not known. The most sensational case of a zero-day exploit worldwide is certainly Stuxnet, where several zero-day vulnerabilities were used to disrupt production systems and execute unexpected commands.
Zero-day and Hafnium: what happened?
At the beginning of March, a total of 4 relevant security flaws, i.e. "zero-days", were discovered in Microsoft Exchange servers. These were presumably used by the hacker group Hafnium to systematically scan and infiltrate thousands of Exchange servers. According to research, the aim was to install a "backdoor" in the affected systems, so it cannot be conclusively determined to what extent this vulnerability will still have an impact in the future.
In the view of some observers, Microsoft reacted more slowly than desired, but the exploited security gaps have since been closed. Several security patches have ensured that the zero-day exploit is no longer usable.
Proper IT security means continuity
Proper, i.e. reliable, IT security is the wish and the promise of everyone entrusted with IT systems. Beyond the standard technology, such as a firewall, there are a number of conceptual points to consider. The magic triangle of cost, time and quality naturally applies to this area of professional activity as well. With regard to the time factor in particular, it is immediately apparent that there can be no absolute state of security in a dynamic system. In the case of a zero-day exploit, the time component is distorted to such an extent that a correct (high-quality) response immediately consumes a large amount of resources. A good IT security policy therefore relies on continuous improvement and adaptation to a dynamic threat environment. Systems must not be operated unattended; taking action only when something no longer works inevitably leads to disaster. Effective and efficient action is characterized by continuity. Please also read the statement by Dirk Arendt from Trend Micro.