Andrew Brandt

And they closed those loopholes with the hotfix.

Now, they had built the facility to do hotfixes, and they had not really used them before this.

So there had been no real reason to do it.

But I think they had built in the capability to do these hotfixes, anticipating that there might be an opportunity to use it if there was something that was a real problem.

And it was fortunate that they had rolled this out

in the previous firmware update just before this attack had taken place.

Yeah, I mean, that's a great question.

I was not privy to those discussions, but I'm sure there were discussions like that about, you know, what is our legal liability?

What are we allowed to do and not do remotely on these devices?

I believe ultimately the decision was made, and I'm not sure if there were lawyers consulted on this or not, but it made a lot of sense that the harm of allowing the firewalls to basically try to

ransomware, the inside of networks, was probably greater than the risk of somebody complaining that, oh, you made a change to my firewall without telling me first.

So they just went ahead and did it.

It's basically a backdoor that you had.

Yeah, that's entirely accurate and you're not wrong.

These are devices that are typically placed in a position in the network where they act as the barrier between the outside and the inside worlds of the networks.

I recognize that that is a risk.

However, and it is also worth noting,

that this is exactly what the bad guys were doing at this moment.

They were installing malware inside the firewall.

So how do you fix that?