EMA Research Blog: Navigating IT and Security Horizons

Welcome to the recap of the Enterprise Management Associates (EMA) Cybersecurity Awesomeness (CSA) Podcast. Hosted by Chris Steffen, Vice President of Research and Ken Buckler, Research Director at EMA, the CSA Podcast covers a wide range of cybersecurity topics, from cyber workforce talent shortages to cyber threat intelligence, to current events in technology and security. This short, laidback podcast is for listeners of all skill levels and backgrounds.

Welcome to the recap of the Enterprise Management Associates (EMA) Cybersecurity Awesomeness (CSA) Podcast. Hosted by Chris Steffen, Vice President of Research and Ken Buckler, Research Director at EMA, the CSA Podcast covers a wide range of cybersecurity topics, from cyber workforce talent shortages to cyber threat intelligence, to current events in technology and security. This short, laidback podcast is for listeners of all skill levels and backgrounds.

Welcome to the recap of the Enterprise Management Associates (EMA) Cybersecurity Awesomeness (CSA) Podcast. Hosted by Chris Steffen, Vice President of Research and Ken Buckler, Research Director at EMA, the CSA Podcast covers a wide range of cybersecurity topics, from cyber workforce talent shortages to cyber threat intelligence, to current events in technology and security. This short, laidback podcast is for listeners of all skill levels and backgrounds.

Welcome to the recap of the Enterprise Management Associates (EMA) Cybersecurity Awesomeness (CSA) Podcast. Hosted by Chris Steffen, Vice President of Research and Ken Buckler, Research Director at EMA, the CSA Podcast covers a wide range of cybersecurity topics, from cyber workforce talent shortages to cyber threat intelligence, to current events in technology and security. This short, laidback podcast is for listeners of all skill levels and backgrounds.

As of January 2023, Over 194,000 Systems on Internet Still Vulnerable to Heartbleed

The Bleeding Heart of the Internet

In April 2014, the Heartbleed vulnerability was publicly disclosed, sending the information technology world into a panic and rushing to patch this critical vulnerability in OpenSSL, which was allowing the theft of information directly from the memory of vulnerable systems, including private keys and other secrets. This vulnerability featured extremely easy exploitation by attackers, leaving no trace of attacks. Heartbleed ultimately resulted in many late nights for most of the information technology industry, who worked to implement and validate patches for open and closed source products that have integrated the OpenSSL libraries – which accounts for an extremely large percentage of technologies connected to the internet.

Long gone are the days of simple, signature-based defenses against cyber-threats.

Cyber-threats are growing at an exponential rate in the perpetual cat-and-mouse game of cybersecurity, and traditional approaches to cybersecurity are struggling to keep pace. In 2021, anti-malware vendors estimated that they detected between 300,000 and 500,000 new pieces of malware every day. That means than in 2021 alone, over 100 million new pieces of malware were created. Even if cybersecurity vendors can keep up with the sheer volume of new pieces of malware, traditional signature-based and even heuristic-based detection algorithms will struggle to keep up – and that’s only for known malware.

It's been quite an interesting couple of weeks. What started off with rising tensions as Russia amassed troops at the Ukraine border evolved into a full invasion of the country. Our newsfeeds are filled with stories and images of ace fighter pilots, brave soldiers making their final stands, and farmers stealing Russian tanks by hooking them up to farm equipment – but another battle has been taking place behind the scenes for many years.

In late July, the Department of Homeland Security issued a warning about a growing number of malicious cyberattacks aimed at ERP systems based on a research project conducted by Digital Shadows and Onapsis. This warning comes at the heels of the first-ever DHS CERT Alert focused on SAP Business Applications released in May of 2016. According to the report, hackers exploited old, unpatched vulnerabilities to successfully hack multiple organizations, including government agencies, energy businesses, and financial services companies. Onapsis and Digital Shadows found significant evidence of increased interest on ERP applications, including bad actors in criminal forums on the dark web asking for exploits specifically targeting ERP technology vulnerabilities. The study, “ERP Applications Under Fire: How Cyberattackers Target the Crown Jewels,” found that the attackers do not need to use advanced techniques to breach their targets because the current state of ERP application security across organizations is such that old vulnerabilities still affect these systems. This means that attackers don’t need to develop new zero-days or advanced exploitation techniques.

Nearly every day another successful breach is reported. In 2016 alone, organizations from major governmental agencies such as the IRS and Department of Defense, to major retailers including Wendy’s, have succumbed to attack. These organizations are not alone; every major business and governmental sector has been compromised. Large tech companies such as LinkedIn and Oracle, healthcare providers including Premier Healthcare (as well as numerous hospitals), manufacturers, major educational institutions, and large financial organizations have all succumbed to either internal or external threats.

One of the services that EMA provides to the tech industry is research. During the course of the year, numerous projects are launched to help IT consumers and vendors understand market perceptions. EMA then provides analysis and forecasts on trends based upon those perceptions.