Zscaler has announced the release of “Exposed”, the industry’s first global report on the state of corporate attack surfaces. Based on data sourced between February 2020 and April 2021, the report provides a first-ever look at the impact of attack surface exposure during the COVID-19 pandemic.
As businesses began offering more remote work options, their attack surfaces grew concurrently with their dispersed workforce. Coupled with increased reliance on public cloud services and vulnerable enterprise VPNs, large organizations not using zero trust security became more vulnerable to network intrusion attacks. “Exposed” identifies the most common attack surface trends by geography and company size while spotlighting the industry’s most vulnerable to public cloud exposure, malware, ransomware, and data breaches.
“The sheer amount of information that is being shared today is concerning because it is all essentially an attack surface,” said Nathan Howe, Vice President, Emerging Technology at Zscaler. “Anything that can be accessed can be exploited by unauthorized or malicious users, creating new risks for businesses that don’t have complete awareness and control of their network exposure.
While attack surface vulnerabilities impact organizations of all sizes, major international companies with more than 20,000 employees are more vulnerable due to their distributed workforce, infrastructure, and greater number of applications that need to be managed.
To better understand the scale of the problem, Zscaler analyzed organizations in all geographies, partitioning the findings from 53 countries into three regions for ease of understanding – the Americas, EMEA, and APAC.
The Asia–Pacific companies included in the report had an average of 80 Common Vulnerabilities and Exposures (CVE) possible vulnerabilities. However, Asia–Pacific companies were in better stead compared to their counterparts in EMEA in (164 CVEs) and the Americas (132 CVEs).
In addition to presenting geographic data, the report tracked corporate attack surfaces by industry, pinpointing the types of organizations most likely to be targeted by cybercriminals. The report analyzed a diverse group of companies, spanning 23 different industries, and found that telecommunications organizations were the most vulnerable and had the highest average number of outdated protocols in their servers.
Telecom companies had the third highest average of exposed servers to the internet, increasing the risk of being targeted by cybercriminals for DDoS and double extortion ransomware attacks.
The report also showed that the hospitality industry – including restaurants, bars, and food service vendors – had the highest average of exposed servers and public cloud instances; with AWS instances exposed 2.9 times more often than any other cloud providers. With the COVID-19 pandemic pushing many restaurants to offer online ordering, the rapid adoption of digital payment systems has increased risks for both businesses and customers.
Three Steps to Reduce an Attack Surface
With the number of cyberattacks increasing daily, business IT teams must minimize their attack surface as part of an overall organizational security policy.
Without comprehensive security measures, such as a zero-trust model, digital transformation initiatives and cloud migration efforts can also create new vectors of attack and threaten business continuity, professional reputation, and employee safety. Although no approach will be completely effective, Zscaler recommends the following tips for minimizing corporate network risks:
• Get visibility into your risk of exposure: Knowing your visible attack surface is key to effective risk mitigation. As more and more applications move to the cloud, it becomes mission-critical to be aware of entry points that are exposed to the internet. Remember, you can’t attack what you can’t see.
• Recognize the failings of VPNs and firewalls: In the age of cloud and mobility, these perimeter-based technologies significantly increase your attack surface. Stay current with the latest updates to the CVE database. Be sure to remove support for older TLS versions from servers to reduce risk.
• Make apps invisible to threats with Zero Trust: Applications protected behind the Zscaler Zero Trust Exchange are not visible or discoverable, thus removing an attack surface. The Zero Trust Exchange helps IT security teams ensure that no entity (user or application) is inherently trusted, while helping improve user productivity, mitigate risk, increase business agility and reduce cost and complexity.