A protocol requires properly formatted data and valid ranges in its preset fields, as designed, in order to work properly.

Threat actors try to manipulate these fields and data ranges in order to exploit weaknesses in how the underlying process handles the protocol.

Consider the illustrated locks. The arrangement allows dual admins to unlock it, where each admin has their own access key. If a “malicious” admin does not follow the protocol of placing the locks in series and instead puts them in parallel, then access is denied to the other admin, because unlocking will require both keys at the same time.

Therefore, when we talk about security, there are many considerations: a robust process, enforced by strong technology, with people acting honestly, all driven by laws and regulations (or organization policies). Protection goes beyond encryption, firewalls and system hardening. These can be evaded.
Most people say that humans are the weakest link. Yes, this is still true, but we must include factors like:

  • Incompetent cybersecurity practitioners providing recommendations without reputable rationales to support them
  • Handling of privileged users who are under duress
  • The top level must have sound judgment to avoid being influenced by FUD into making incorrect decisions

So, don’t just blame general users.
