A backdoor is a hidden or undocumented method of bypassing normal authentication or security controls in a system. It’s often intentionally created by developers or system administrators for maintenance, debugging, or administrative purposes, but can also be inserted maliciously by an attacker to gain unauthorised access.
Example
- Developer Backdoor: A programmer leaves a secret, hardcoded username and password in a piece of software that allows them to bypass the normal login screen. This is a backdoor, even if the intent was benign, as it poses a significant security risk.
- Malicious Backdoor: An attacker exploits a vulnerability to install a hidden program on a server that allows them to remotely connect and gain unauthorised control at any time, bypassing firewalls and other security measures.
Context
The ISO 27001 standard does not specifically use the term backdoor but addresses the underlying risk. The standard requires organisations to manage access control (ISO 27001 Annex A 5.15 Access Control) and system acquisition, development, and maintenance (ISO 27001 Annex A 5.21 Managing Information Security In The ICT Supply Chain) to prevent unauthorised access and ensure that no unintended vulnerabilities are introduced into systems. The presence of a backdoor would be considered a major vulnerability that an organisation would need to identify and manage.
