A cloud security firm has released “Exposed”, a report on the state of corporate attack surfaces, during the covid-19 pandemic. Based on data sourced between February 2020 and April 2021, Zscaler notes that as businesses began offering more remote work options, their attack surfaces grew concurrently with their dispersed workforce. Add reliance on public cloud services and vulnerable enterprise VPNs, large organisations not using zero trust security became more vulnerable to network intrusion attacks, the report suggests.
Nathan Howe, Vice President, Emerging Technology at Zscaler, said: “The sheer amount of information that is being shared today is concerning because it is all essentially an attack surface. Anything that can be accessed can be exploited by unauthorised or malicious users, creating new risks for businesses that don’t have complete awareness and control of their network exposure. Our goal with this report is to provide a view of what the internet sees of a company’s information landscape and offer useful tips on how to mitigate risk. By understanding their individual attack surfaces and deploying appropriate security measures, including zero trust architecture, companies can better protect their application infrastructure from recurring vulnerabilities that allow attackers to steal data, sabotage systems, or hold networks hostage for ransom.”
While attack surface vulnerabilities impact organisations of all sizes, major international companies with more than 20,000 employees are more vulnerable due to their distributed workforce, infrastructure, and greater number of applications that need to be managed, according to the survey. The firm analysed organisations across countries, partitioning the findings from 53 into three regions for ease of understanding – the Americas, EMEA, and APAC.
The report found that while 59 percent of surveyed organisations were based in the Americas, the EMEA region led the world in overall exposure and potential risk, with 164 CVE vulnerabilities. EMEA-based businesses had the most exposed servers, with an average of 283 exposed servers and 52 exposed public cloud instances each. They were also more likely to support outdated SSL/TLS protocols and had greater risk of CVE vulnerabilities on average. The EMEA region was followed by the Americas, with 132 CVE’s (20 percent lower than EMEA), and APAC, with an average of 80 CVE possible vulnerabilities (51 percent lower than EMEA).
While the report suggested that EMEA businesses had the most online exposure, all regions showed vulnerabilities, making it critical the firm added for IT teams to adopt best practices, including zero trust security, to minimise the attack surface and eliminate exposure no matter where they are based.
The report tracked corporate attack surfaces by industry, pointing to types of organisations most likely to be targeted by cyber criminals. The report analysed 23 industries, and found that telecommunications was the most vulnerable and had the highest average number of outdated protocols in their servers. Telecom companies had the third highest average of exposed servers to the internet, increasing the risk of being targeted by cybercriminals for DDoS and double extortion ransomware attacks.
The report also showed that the hospitality industry – such as restaurants and bars – had the highest average of exposed servers and public cloud instances; with AWS instances exposed 2.9 times more often than any other cloud providers. With the pandemic pushing many restaurants to offer online ordering, the rapid adoption of digital payment systems has increased risks for businesses and customers, the report suggests.
