FortiGuard
Fortinet’s Global Threat Intelligence and Research
mrobson
Staff
Article Id 244682
Description

 

The FortiGuard Incident Response team is ready to assist with the discovery, containment, and remediation of a wide range of intrusions, including those that originate from the targeting of network infrastructure like routers and switches.

While the majority of threats discussed in the cyber security community target endpoints, vulnerabilities in core networking infrastructure can still provide adversaries an opportunity for initial access and persistence in a network[1].

 

FortiGuard continues to observe threat actors targeting older vulnerabilities in networking devices (CVE-2019-10891, CVE-2018-10562, CVE-2018-10561, CVE-2015-2051) even though patches are readily available. As with all incidents, including those related to the compromise of networking infrastructure, a quick response that effectively contains an intrusion before it can spread is key to minimizing business impact and reducing the complexity of remediation efforts.

 

Scope

 

FortiGuard.

 

Solution

 

Engaging Response Services

 

To engage the IR team directly about a current or ongoing intrusion, use the ‘Experienced a breach?’ link available here:

https://www.fortinet.com/solutions/enterprise-midsize-business/security-as-a-service/fortiguard-inci...

 

This webpage also has additional information on the IR services we provide and how they can help you better understand and mitigate the risk associated with network infrastructure compromise.

 

Engaging Proactive Services

 

To proactively prepare your security teams to better handle threats associated with network infrastructure compromise, engage the Incident Response Readiness service.

The FortiGuard IR Readiness service can assess your security posture, provide support to patch holes in your defenses, build playbooks to combat emerging threats, and war-game your existing processes as part of tabletop activities.

 

More information on this service is available here:

https://www.fortinet.com/content/dam/fortinet/assets/solution-guides/sb-fortiguard-incident-readines...

 

[1] https://blog.netlab.360.com/pink-en/
