The average FTSE 250 company exposes 35 different avenues of attack for would-be hackers, according to a report, despite the vast majority having “serious issues” with keeping business-critical systems up to date.
According to the cybersecurity company Rapid7’s report, created by scanning for systems and devices used by FTSE 250 corporations that are visible on the public internet, the 35 different “attack surfaces … neither good nor bad, but each exposed node … potentially boosts the opportunity for attackers to gain a foothold.
“To put it another way, each exposed server or device must be properly configured, managed, patched and defended to reduce the risk of a cyber-attack.”
Unfortunately, “FTSE 250+ organisations in every sector had serious issues with patch/version management of business-critical internet-facing systems”, the report said. Most of Britain’s largest companies, Rapid7 found, “are running older and often unsupported versions of the three most prolific web servers” – Microsoft’s IIS and the open source Apache and nginx services.
“It’s vital that organisations keep an up-to-date inventory of what they’re exposing and work to ensure they are using supported and patched version of software,” Rapid7 said.
Keeping older versions of popular software packages on the internet can pose serious risks to organisational security. The software vulnerability that lay at the heart of the WannaCry outbreak had been fixed months before the ransomware took down a chunk of the internet and paralysed the NHS, but many organisations had been unable to update their software in time.
Last week, the US National Security Agency issued a public security advisory warning Windows users to update to the latest version due to a security flaw known as BlueKeep, which affects a number of older versions of Windows and could potentially be used to create self-spreading malware similar to WannaCry.
In 2016, Rapid7 carried out a similar project to scan the internet for vulnerabilities, but focused on the national scale. It found Belgium topped the list of nations most vulnerable to hacking, due to the number of insecure connections hosted from the country’s IP addresses. Tajikistan came second, and Samoa third.
Source - The Guardian available here