Innovation and Effectiveness in Cybersecurity
As part of the Lebanon CERT project, a research paper was recently published that aims to examine what security vulnerabilities are and to show their impact on various Lebanese sectors, including critical infrastructure. 1645 critical security vulnerabilities were uncovered.
Summary of Our Findings
We recently published a paper that addressed critical vulnerabilities and showed their impact on different Lebanese sectors. To this end, we led an experimental study to assess the attack surface of Lebanon’s perimeter. 10 critical and severe vulnerabilities were selected as the basis of the experimental study, and 24 382 information systems in the Lebanese perimeter were gathered for evaluation. To carry out the evaluation, we used a novel platform known as the Lebanon CERT information gathering framework. This platform automatically retrieves the necessary information about targeted information systems in Lebanon while interconnecting different data sources (mainly OSINT) to gather all in-scope information for adequate security risk analysis and management. It also applies semi-passive vulnerability analysis to the systems to be evaluated within hours.
As a result, 1645 information systems from different Lebanese sectors, including critical sectors, were found vulnerable. Corresponding exploits were available online. The work conducted and the results obtained revealed a lack of implementation of two core best practices in information security:
- patch management
- incident handling
Given these facts, we argue that one next step towards enhancing cybersecurity in Lebanon is to use this work as a foundation. Based on it, we strive to involve Lebanese ISPs, system administrators, research teams, and delegated staff from the public sector in the evaluation and remediation of Lebanon’s attack surface.