Because of the COVID-19 pandemic the rise in the use of cloud services has raised concerns about the security of corporate networks. Many businesses started to introduce working from home during the pandemic and relying on such services as Remote Desktop Protocols (RDP), Virtual Private Networks (VPN) and application suites like Microsoft Office 365 or Google Workspace.
This method of working has increased the likelihood of attackers gaining access to sensitive information, as the attack surface has increased for them.
Zscaler, a cybersecurity company, has recently discovered almost 400,000 exposed servers, over 200,000 exposed ports, and over 60,500 exposed cloud instances across the networks of 1,500 companies. It claimed the biggest companies had an average of 468 server exposed, while large firms have about 209 at risk. The findings were presented in its 2021 “Exposed” report.
The term “exposed” was used by researchers to describe the services that anyone can connect to if they discover them, this includes remote and cloud services.
Among 202,000 Common Vulnerabilities and Exposures (CVEs) researchers discovered almost half were classified as critical or high-level. These vulnerabilities can be exploited by cyber criminals to compromise corporate networks, and prepare the ground for next-stage cyberattacks including data theft, ransomware and other malware campaigns, researchers said.
“The sheer amount of information that is being shared today is concerning because it is all essentially an attack surface. Anything that can be accessed can be exploited by unauthorized or malicious users, creating new risks for businesses that don’t have complete awareness and control of their network exposure,” said Nathan Howe, vice president for emerging technology at Zscaler.
Large and international businesses are most at risk due to their size and distributed workforce. A global workforce can make it harder to identify anomalous activity, as employees are accessing the network from around the world.
In their report, Zscaler advises how to minimize an organisation’s network attack surface and best practices that can help prevent exploitation.
“By understanding their individual attack surfaces and deploying appropriate security measures, including zero trust architecture, companies can better protect their application infrastructure from recurring vulnerabilities that allow attackers to steal data, sabotage systems, or hold networks hostage for ransom,” said Howe.