Importance of Keeping Systems Updated

Security Recommendations

• Always keep operating systems and applications up-to-date.
• Patch systems as soon as updates are available to avoid vulnerabilities.

Risks with Updates

• Risk of malicious software being included in updates.
• Updates are effectively new applications, and can be compromised.

Best Practices for Updating

1. Backup Systems:

   • Always have a backup before making changes.
   • Allows reverting to previous configuration if issues occur.

2. Trusted Sources:

   • Ensure update sources are trusted and typical.
   • Verify sources of downloaded files and updates.

3. Verification of Updates:

   • Digital signatures can validate legitimacy of updates.
   • Check the signature from developers like Microsoft, Google, Adobe.

4. Application's Built-In Update:

   • Applications with built-in update processes have security checks.
   • Automatic verification from the software manufacturer.

Example: Chrome Update

• Update message upon browser start is generally reliable.
• Be cautious of update prompts after visiting websites.
• Prefer updates directly from the developer's site.

Case Study: SolarWinds Orion Hack (Dec 2020)

• Malicious code embedded in updates of Orion application.
• Attackers accessed SolarWinds’ development systems.
• Digital signatures were used to sign the malicious updates.
• Attack affected large organizations globally.
• Attackers used compromised software to access broader systems.

Lessons Learned

• Even trusted processes can be compromised.
• Importance of being vigilant and verifying updates.
• Recognize that built-in security measures are not foolproof.