Pros and Cons of Announcing a Security Weakness Once It Has Been Found
Recently highlighted security flaws have shown that hackers are finding ways to exploit announced security weaknesses much faster, and at a much bigger scale, than before. Therefore, every time a new weakness appears, software developers have less time to update their products with the latest security measures. The Drupal security team recently expressed its concern that anyone who has not updated their systems after the SQL injection exploit disclosed on October 15 is in a situation where their sites might already have been compromised.
Another vulnerability that is expected to become commonly used by hackers is Sandworm. Attackers began exploiting this Windows vulnerability in early October, and it is now believed to be ready for inclusion in exploit kits. On the one hand, announcing the security weaknesses that have been found enables software developers to update their systems and ensure that they are prepared for the latest security breaches. On the other hand, publicly announcing exploits informs more hackers about them, including those willing to make a profit by making the exploit easy to use. Once the exploit becomes easy to use, it can be added to exploit kits that might later be bought by people interested in using the exploit for their own purposes.
Much research has shown that the public announcement of a vulnerability leads to an increase in the number of cases in which the exploit is used. However, the connection between the two has rarely been studied. In 2012, Symantec researchers published a paper in which they state that after information about a zero-day vulnerability was posted, the number of times hackers used the security weaknesses increased 100,000 times. This shows that even though the announcements are made to protect people’s privacy, they also bring harm, as an influx of exploits appears after the announcement is made.
Once an exploit for a vulnerability has been found, more attackers become interested in investigating the vulnerability personally so that they can add the exploit to their kits as soon as possible. A single successful breach may indicate that investigating the exploit is worth the time, thus attracting masses of people interested in bypassing security walls to gain data or knowledge that can later be used for profit.
Fighting this issue is very problematic, since there is no way to notify software developers about a possible security breach without hackers learning about the weakness in the process. Furthermore, security professionals have to split their effort to deploy patches that focus on different levels of security. Moreover, attackers are also racing against time to bring the latest exploits to their kits before others do and before the security weakness is patched and no longer present in the software.
Unfortunately, it is impossible to create a system that is immune to all attacks, because new weaknesses are discovered and exploited every day. Additionally, it is much harder to develop a product that is immune to attacks, since the product consists of many blocks, while the attacker only needs to find a single security flaw to potentially take control of your system.
A VPN offers an additional security level that hackers need to bypass in order to access your system. Our NordVPN systems are always being updated to ensure that we are secured against possible security breaches and to improve our users' security.