IT Security & High Risk Users Management Blog | WALLIX

Is the VENOM vulnerability really a cloud armageddon?

Written by WALLIX | May 27, 2015 12:25:00 PM

When it comes to media coverage of IT security issues there is occasionally a tendency to over-state the risk. Headline writers take there opportunity to exploit (pardon the pun!) our lack of technical expertise to paint scenarios of impending doom.

The VENOM vulnerability disclosed yesterday by security firm CrowdStrike has now become the latest threat that will bring the sky crashing down, or in this case, the cloud. Fortune opted for this subtle and considered headline:

CrowdStrike’s explanation of the vulnerability is responsible and useful for any organisation looking to formulate their own response or evaluate the risk that this might pose to their infrastructure. You’ll note from this information that there are factors which distinguish VENOM from other VM “escape” vulnerabilities, and it’s possible that these increase the risk of this weakness being exploited.

One serious consideration is that VENOM can move around a network of systems once it has root access or administrative privileges. Which means that if your business has worked to implement an access management solution that keeps these accounts out of reach you’ve already significantly reduced your risk in this case.

We must accept that vulnerabilities in technology will occasionally put the network perimeter at risk of being breached. That means we must also work to minimize the potential for damage and data loss once any threat is inside, getting greater control of how privileged accounts are used will mean you can effectively firewall access from the inside in the same way as from the outside.

Wallix AdminBastion is a solution to help you control, manage and monitor access for privileged users to servers and other devices without handing out root and admin passwords. You can find out more and watch a video here.