Today, there is an ever-increasing abundance of programs available to the modern consumer. These software options range from productivity related programs such as Microsoft Word, all the way to modifications to your favorite video game to add in features. All these various programs have different levels of support, and while you see Microsoft constantly updating their products, you do not often see the same level of attention paid to a video game mod. Some of these updates you notice right away, such as an update to add new features and to streamline what the program can do. But often unappreciated are the millions of security updates which work to keep your devices secure from malicious actors. Many of these updates were created in response to known attacks that happened to someone out there just like you and me. Because of this, it is vital that you do not delay software updates on your devices. The consequences can be severe, as is what happened to a prominent IT company and their user’s data.
The 2022 LastPass incident
LastPass is, or after this event perhaps was, one of the leading names in password management companies. They provided users with the ability to store passwords for all their accounts, as well as secure notes and form filled data. As you might imagine, security was the paramount concern of the company, and much effort was spent constantly updating and securing the service. Being that the company was a primary target for all the world’s hackers, it was expectedly and constantly under digital siege (as evidenced by several previous security incidents), however these incidents had always been contained and mitigated. And yet, as Forbes reported in march of 2023 there was a significant data breach resulting in many IT professionals recommending that users drop the company altogether and quickly. And what caused this sudden reversal in LastPass’s fortunes? A single piece of third party media software containing a software vulnerability, running on one of the company’s head engineer’s home network.
A malicious individual, often called a threat actor in IT circles, was able to target a senior engineer’s personal laptop and install a piece of malware into this media software allowing them to subtly take control of their computer and see every keystroke the engineer made. As you might imagine, it was not long before the threat actor had everything they needed to access LastPass’s cloud servers and steal millions of people's data! This incident also revealed other security practices that LastPass needed to improve on, but also highlights the need to ensure your programs are being adequately updated, as even senior DevOps engineers can be taken in by a single vulnerable program!
Key Takeaways
This incident touches on two important considerations for everyone: 1) keeping your computer updated, and 2) ensuring that you’re using only trusted and maintained software, avoiding the security pitfalls associated with freeware. Additionally, it highlights the fact that a single compromised device within any network, be it a company’s services, our University, or even your home network, can have massive consequences not only for the user, but also everyone else and their data connected to the network. Software updates are a vital part of this process, so you can understand why it feels like your device is pushy about it! Here are some of the benefits of software updates, and ways you can ensure that your devices are in tip top shape!
Benefits of security updates:
Patching Security Vulnerabilities - Software updates, or patches, are released by developers to address security vulnerabilities discovered in their applications. Failing to update your software means leaving these vulnerabilities unaddressed, leaving your devices and data exposed to potential attacks. Regular updates ensure that you have the latest security patches in place.
Protection Against Exploits and Malware - Outdated software becomes an easy target for exploits and malware. Malicious actors actively search for systems running outdated software, as they are vulnerable to attacks that are known to work. By keeping your software up to date, you fortify your defenses and reduce the risk of falling victim to such attacks.
New Security Features - Software updates often include new security features and enhancements that improve your overall defense. Developers constantly analyze emerging threats and design updates to mitigate them effectively. By staying updated, you benefit from the latest security measures and advancements in technology.
Software Ecosystem - It's important to recognize that software is interconnected. Outdated software on one device can become a gateway for compromising the entire ecosystem. Neglecting updates on any device connected to networks or shared systems poses risks not only to your own security but also to others within the network, both within the University and most importantly at home.
How can I keep up?
Enable Automatic Updates - This ensures that your software receives the latest security patches without requiring your active involvement. Regularly check and configure automatic update settings for your computer, applications, and other devices.
Update All Devices - Remember to update all your devices, including computers, smartphones, tablets, and Internet of Things (IoT) devices. Neglecting updates on any device can create vulnerabilities that compromise your overall security.
Prioritize Critical Updates - While all updates are essential, prioritize critical security updates for your operating system and security software. These updates often address the most severe vulnerabilities and play a crucial role in maintaining your digital defenses.
Be timely – While it is perfectly fine to delay your computer’s requested update while you are working on an important paper, ensure that you update your device as soon as possible, ideally on the same day.
Stay vigilant!
--WU ITS Information Security