Especially with the pandemic, organizations want their technology accessible from any location. Security vulnerabilities, however, dictate that it may not be wise to expose everything to the internet.
I have seen businesses or educational institutions set up all their computers and devices with public IP addresses. It’s common to accidentally leave networks open to attackers. Network segmentation is one way to mitigate risk from these open doors. Before I discuss that, let’s look at some recent examples of flaws that allow attackers to go after an entire network.
Bad Neighbor exploits Windows handling of router advertisement packets
A Microsoft security patch released in October fixed a vulnerability in how the Windows TCP/IP stack handles ICMPv6 router advertisement packets. Called Bad Neighbor, CVE-2020-16898 impacts all versions of Windows 10, Server 2016 and Server 2019. The risk is not necessarily a direct remote attack, but a blended attack that starts with a phishing lure and then injects itself into a workstation to gain network access. The proofs of concept trigger blue screens of death rather than full remote control.