FireEye's 'Threat Prevention' Products Are Open to Threats
Ars Technica just released a breakdown of the discovery by Google's Project Zero team of a major security flaw in FireEye's code that potentially allows attackers to infiltrate a network and export everything you have on it -- passwords, download histories, viewing history -- all by just sending that network an innocuous-looking email.
FireEye, to their credit, quickly acknowledged the weakness in their affected products and released a patch designed to address the issue. However, it's episodes like these that make the non-hacking crowd shake in their boots. Just how vulnerable are we?
Keys to the Kingdom
The vulnerable code is currently in the following FireEye product series: EX, AX, NX, and FX. It was first detected by Google's own spec-ops hacker team. Ominously named "Project Zero," this team focuses on finding so-called "zero-day" exploits.
In his blog post, Project Zero guru Tavis Ormandy explained the entire vulnerability in highly technical terms accessible and understandable only to trained computer programmers and hackers. Paraphrasing his post, he warned that FireEye's flaw potentially could allow an attacker simply to send an email and essentially have full access to some of the most private employee information on the network. And the recipient needn't even open the email at all: simply receiving it would offer the attackers the keys to the kingdom.
What Can You Do Now?
FireEye users should upgrade to security content release 427.334 or higher. Lawyers monitoring their own network may have no choice but to hire a professional IT person to update their network again.
What Can You Do Later?
Well, that's just it ... you can't really do anything except refuse to use email and a host of other electronic communications. But we're all so overwhelmingly reliant on our devices (and networks) that to go without them would be tantamount to business suicide. Even a lawyer who also moonlighted as a hacker with unusual talents would find it a challenge to balance security risks against the need to make a living.
However, there are simple precautions you can take to hopefully protect against at least the obvious hacker threats. For example, conduct spear-phishing awareness training at your firm and use best password practices. Also, be sure to carefully research the best way for you to secure your wireless network.