Vulnerability

Description
A vulnerability is a weakness in a system's design that attackers can exploit to carry out a malicious act undefined. Vulnerabilities are generally a result of poor development skills, lack of understanding and even simply a mistake. But there are some speculations certain applications deliberately have vulnerabilities that can be exploited for surveillance purposes, and this was a rumor regarding the Heartbleed vulnerability. Vulnerabilities can often be overlooked by developers and these flaws are usually picked up by security researchers who report the vulnerabilities to the respective developers. Vulnerabilities have played a huge role in some of the worst cyber attacks and malware outbreaks in history, such as the WannaCry outbreak that exploited the Microsoft SMBv1 vulnerability, which allowed it to spread and infect over 200 000 computers worldwide in just a few days.

Vendors often release software and hardware patches for their products to fix vulnerabilities so that attackers cannot exploit them and therefore enhance the security of their products. But when one vulnerability is patched, attackers always find a new one to exploit to carry out their attacks. There have been some cases where a security patch has fixed one vulnerability but unintentionally created a new vulnerability. It's an ongoing issue that may never be properly resolved as there will always be new vulnerabilities to exploit and that's why security experts cannot stress enough the importance of regular patching of hardware and software.

Types of Vulnerabilities
There are several main types of vulnerabilities that can be exploited by attackers. The attacker may need specific tools and knowledge in order to exploit some vulnerabilities. Below are some of the main types of vulnerabilities.

Access Control Issues
Access control is essentially used to dictate and moderate user access to systems and resources. This is often achieved by means of authentication, identification and authorization undefined. This is a valuable vulnerability for attackers because if successfully exploited, the attacker could gain access with high privilege access. Root level access would be the most ideal because this would give attackers full control of the targeted system and allow them to change configuration settings, weaken security mechanisms, access and manipulate information and install additional malware undefined. Human error is often the biggest factor resulting in access control vulnerabilities as it could be a misconfiguration, user credentials left exposed or poor passwords that are easy to guess or break.

Input not Validated
The functionality of software mainly relies on input in order to perform a desired action. Some applications do not validate input which can either result in a system error due to an invalid input, or the invalid input is still processed and results in a potentially more damaging outcome. Specially crafted input types from the attacker may be sent to an application and by not validating the input, the input may be a command that could be run by the application and result in data leaks, bypassing security mechanisms and more undefined.

One of the reasons why the Heartbleed vulnerability was so severe was because it did not validate the payload size of the message being sent to the server. Therefore the server would return any information it could find back to the attacker until it sent back the same size of data as what the incoming payload indicated. Data validation helps check that the data entered by a user or application is correct, and in the right format. This prevents commands being executed or data being leaked, and instead will most likely produce an error, return nothing or inform the user that the data is invalid, thereby blocking potentially malicious inputs.

Buffer Overflow
A buffer overflow is one of the more common vulnerabilities exploited by attackers. Essentially it is when more data is written to a particular storage space (temporary or permanent), known as a buffer and will begin overwriting into adjacent memory undefined. The two main reasons this vulnerability is exploited is because it can be used in denial of service attacks or they can even be used to help attackers gain entry into their targeted system. Buffer overflows can also cause data corruption or data loss when adjacent memory gets overwritten.

Attackers can use this to also run arbitrary code into the targeted system while it overwrites data and that code could be a malicious command or used to help grant the attacker access to the system. This vulnerability is often a result of flaws in the system's coding, no data validation, not enough allocated memory, and to an extent the programming language used may play a role in a system's susceptibility to buffer overflows.

Race Condition
A race condition is when two or more processes try to execute at the same time (sometimes for the same resources as well). As a result, the system will need to run these processes in a particular sequence in order for the processes to run accordingly undefined. A change in this sequence may result in a change of system behavior or even a system crash. Attackers can use the time gap between processes in the sequence to run a malicious command or processes on the system undefined.

This type of vulnerability can result in a denial of service attack or help grant the attacker elevated privileges. A common way to prevent this vulnerability is to make use of single-threading where only one processes at a time can run and use a resource and prevent other processes from running and trying to use the same resource at the same time. Once the resource is no longer needed, it gets released to the next process that needs it.

Poor Cryptographic Practices
Data is often encrypted to help keep it secure when in storage or in transit over a network. If encryption is not implemented properly, it will not keep data secure and still result in data breaches and theft. Some systems do not use strong encryption (or outdated encryption) methods. Attackers will always work to try and break new encryption algorithms or break encryption mechanisms, so using outdated encryption algorithms such as Data Encryption Standard (DES) will result in an easy data breach for attackers.

Using a fixed cryptographic key is also a huge vulnerability because if the same key is used each time, it will be very easy for the attacker to break the encryption and obtain valuable data. The handling of keys is also a huge vulnerability if not done properly, because if the key is found or intercepted, then the attacker can intercept or steal data and encrypt it with the respective decryption key. Common places where keys are stored but shouldn't be are in the system's configuration files, databases or on the file system undefined. Ideally the keys should be stored separate from the system to avoid being found by attackers and the keys themselves should also be encrypted in the event they are still found or intercepted.

Human Error/Ignorance
People are the biggest vulnerability that affect computer systems because not all individuals are aware or well-informed about security risks. Attackers use a technique called social engineering to try and trick individuals into giving up credentials, installing malware onto systems or perform some other type of action that would ultimately work in the attacker's favor. Majority of computer users in organizations are poorly informed of security risks, and are therefore unable to identify phishing emails, malicious websites (and where malware may reside on websites), how malware can infect systems, or understand good security practices.

Preventing and Fixing Vulnerabilities
There are a number of ways that vulnerabilities can be avoided, and for vulnerabilities that already exist the developers of the system need to alter their system designs to fix the vulnerabilities and release those fixes to the public in the form of a patch to correct the system flaw. Some of the ways vulnerabilities can be avoided are:

Secure Coding
Secure coding is a form of best practice when developing systems. This can include enforcing data validation, avoiding race conditions, and implementing mechanisms to test for and prevent buffer overflows. This is essentially taking security into consideration and designing the system in a manner that will minimize the number of possible vulnerabilities undefined.

Configurations
Configuring systems correctly is important to prevent a cyber attack, and if this is not done properly then the configuration creates vulnerabilities in the system or network. If done properly, system configurations can control user access rights, dictate the level of control a user has on a system or network and even help enforce best security practices such as minimum password requirements and timeout idle sessions.

Firewalls and antiviruses need to be configured properly as well in order prevent malware and attackers from entering a system or network. Firewalls need to have the right rules in place in order to filter network packets successfully, so that malicious packets are identified and blocked while safe packets are allowed onto the network. Antiviruses need to be configured in such a way that a general user cannot tamper with the configurations or disable the antivirus, and also it needs to be configured so that it received regular (or daily) updates to keep up with the latest security threats that may affect the system.

Penetration Testing
Penetration testing is used by many organizations to identify vulnerabilities in their systems and their information technology infrastructure. An organization can contract professional ethical hackers to try and breach their systems. After doing so the attackers will produce a report specifying where and how they got into the system, and how the organization can fix this vulnerability. This can help organizations identify vulnerabilities in their infrastructure and fix them before malicious hackers find these vulnerabilities and exploit them in a cyber attack.

Notable Vulnerabilities
Below is a list of severe vulnerabilities that have existed (or still exist):
 * Heartbleed: An OpenSSL vulnerability that allowed the attacker to falsify the payload size of a message sent to a server and the server would send the attacker more information than what it was meant to resulting in cryptographic keys, web sessions, and user credentials being just some of the data sent back.
 * Kaminsky Bug: A DNS Cache Poisoning vulnerability which allowed remote attackers to spoof information which allowed them to redirect web traffic to their desired destination.
 * Shellshock: This Linux/Unix vulnerability allowed attackers to add malicious commands to some variables which would then be run. The vulnerability resided in the Bash component used for operating system input.
 * Bank Card Vulnerability: This is a vulnerability that has existed for a significant number of years now. Attackers are able to manipulate the data on the card which can alter how the card and ATM communicate in order to steal funds with minimal input and security.