Cloud Exposure Report

by Mark Rowe

The global Covid-19 disease and recession, with the uncertainty they bring, appear to have had no obvious effect on the fundamental nature of the internet. That’s ‘frankly shocking’, according to a report by a cloud security and analytics company.

The UK is the fourth most exposed country to cyber vulnerabilities behind the US, China and South Korea. Rapid7’s National Industry Cloud Exposure Report (NICER) for 2020 also finds that despite efforts by the UK’s official National Cyber Security Centre (NCSC) to encourage exposure reduction, the UK’s share of SMB servers has increased by 22 per cent from the same period in 2019.

However, the increase in SMB was offset by a 21pc reduction in exposed Telnet services and an 11pc reduction in exposed FTP services. While the UK has fewer total vulnerabilities per exposed service or system than other countries due to efforts by the NCSC, these vulnerabilities account for under 38.4pc of all exposed surfaces. According to the cyber firm, this shows that organisations and hosting providers need to do more work on vulnerability management.

The researchers calculated a country’s risk by measuring the total attack surface (which reviews how much of a business is exposed to attacks); the total exposure of selected surfaces such as SMB and Telnet (which should never be exposed); the number of CVEs present, as more known vulnerabilities means more exposure; the distribution of vulnerability rates and the maximum vulnerability rate.

The report also found that globally, unencrypted, cleartext protocols are still heavily used with 42pc more plaintext HTTP servers than HTTPS, three million databases awaiting insecure queries, and 2.9 million routers, switches, and servers accepting Telnet connections. Patch and update adoption continues to be slow, especially in remote console access where, for example, 3.6 million SSH servers are sporting versions between five and 14 years old.

Some welcome good news is that there has been an average 13pc year-over-year decrease in exposed, dangerous services such as SMB, Telnet, and rsync. Each of the findings in this report is broken down by country, industry sector, and protocol, with sections on the effect of the pandemic and technological shifts like the movement to the cloud. This helps diagnose what is vulnerable, what is improving or getting worse, and what solutions are available for policymakers, business leaders, and innovators to make the internet more secure.

Tod Beardsley, research director at Rapid7, said: “The entire world has been coping with a pandemic, alongside a near immediate economic recession following the resultant lockdown. At Rapid7, we were already planning on producing another survey of the internet and the state of security worldwide but have had a unique opportunity to capture this unprecedented period of tumult as it reshapes our world in sudden, chaotic ways.

“This report is the most comprehensive census of the internet during a time of dramatic change for businesses around the world — it really had allowed us to gain a very unique perspective.

“Our aim is to show business leaders, policymakers and innovators that they have a real opportunity to shape the security of the internet of the future, by making them aware of the state of today’s internet. In doing so, we hope that UK businesses will limit what they expose to the internet. Businesses shouldn’t treat the internet as a utility — it’s dangerous. Rather, they should be aware that they are constantly being judged by their internet presence, whether that’s by hackers, cyber insurers, researchers, customers or prospects. How they present themselves on the internet will ultimately impact their bottom line.”

See also the company’s blog.

© 2024 Professional Security Magazine. All rights reserved.