Proprietary Research From Tenable Calculates External Attack Surface of Brazil’s Largest Organizations
Data reveals 100% of organizations still rely on a legacy security protocol dating back to 1999
Brazil’s largest organizations have an average of 5,700 internet-facing assets
Research data from Tenable®, Inc., the Exposure Management company, illuminates the immense challenge Brazilian organizations face in identifying and protecting their internet-facing assets. An inventory of the external attack surface of 20 of Brazil’s largest organizations1 [as listed by BOVESPA] was examined on Monday, April 24, 2023. The results show how complex, geographically dispersed, and hybrid these environments have become, and illustrate the sheer scale of the cybersecurity architecture that needs to be secured.
The research reveals that, of the companies examined, most have a sprawling expanse of internet-facing assets2, with an average of 5,755 to identify and protect. One organization alone has just under 35,000 such assets.
“The modern business world continues to drive towards the digitization of everything. As a result, we see an increasing number of internet-facing assets belonging to businesses of all sizes and across all industries. Each and every internet-facing asset, whether mission critical or not, is a potential exploitable entry point into an organization. Attackers are constantly surveilling the attack surface maps of the organizations they target for any weak link – especially assets the organization doesn’t know they own,” stated Jeremiah Grossman, Vice President of Engineering, Tenable.
The challenge of identifying and updating outdated technology
One striking observation is that 100% of organizations had web-based assets that still support TLS 1.0 [a security protocol first defined in 1999 for establishing encrypted channels over computer networks], which Microsoft disabled in September [2022]. Over 20% of companies had instances of SSLv2 and over 60% had instances of SSLv3 – the predecessor to TLS. Beyond the risk this poses to sensitive internet traffic, this is just one example that demonstrates how challenging it is for organizations to identify their internet footprint and update outdated technologies.
Notable variation of cloud assets
The vast array of internet-facing assets is supported by a complex cloud infrastructure built upon public services, further complicating each organization’s attack surface2 and making it more difficult to identify, monitor and protect. Amongst the 20 large organizations studied, Tenable found notable variation in how they leverage public cloud3 providers. For example, 1 out of every 4 organizations delivers over 70% of their internet-facing assets via the cloud, while 1 in 5 organizations delivers less than 20% via cloud. Across all companies studied, on average they deliver 38% (median 38%) of their internet-facing assets via public cloud3.
Among the three cloud vendors studied, Amazon Web Services delivers the majority, accounting for an average 64% of assets hosted in the cloud, with Microsoft and Google sharing the remainder. This leaves organizations reliant on a third party to apply the same stringent controls to protect their data and systems.
Geographically dispersed assets
Looking at the geographical dispersion of these organizations, the study identified that, on average, their assets are located in or delivered from 22 different countries. In fact, only 23% of assets are located in or delivered through Brazil, with 51% through the U.S. This has implications from a data protection perspective.
“The rising number of cyberattacks in Brazil means that cybercriminals are finding holes in our current defenses. As Brazilian businesses continue to evolve, it’s imperative for security professionals to adopt an exposure management strategy to reduce their cyber risk. Organizations should proactively maintain a constant, in-depth understanding of their assets in order to identify and prioritize security risks before they are exploited,” said Arthur Capella, Country Manager, Tenable Brazil.
Key Findings:
- Total Internet-facing Assets: Average 5,755 / Median 1,279
- Assets Hosted in the Cloud (Amazon, Microsoft, Google): Average 38% / Median 28%
- Cloud-Asset Marketshare by Vendor: Amazon (Average 64% / Median 66%), Microsoft (Average 24% / Median 21%), Google (Average 12% / Median 10%)
- Number of Countries: Average 22 / Median 17
- Assets Located or Delivered through Brazil: Average 23% / Median 17%
- Assets Located or Delivered through the U.S.: Average 51% / Median 47%
- Assets Supporting TLS 1.0: Average 248 / Median 105
- Assets Supporting TLS 1.1: Average 284 / Median 185
- Assets Supporting SSLv2: Average 1 / Median 0
- Assets Supporting SSLv3: Average 4 / Median 2
For further information visit www.tenable.com.
About Tenable
Tenable® is the Exposure Management company. Approximately 43,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include approximately 60 percent of the Fortune 500, approximately 40 percent of the Global 2000, and large government agencies. Learn more at tenable.com.
Notes to Editors:
- Tenable examined 20 companies, chosen at random from Índice Bovespa*
- In the context of this alert:
  - An asset is a domain name, subdomain, or IP address, and/or a combination thereof, of a device connected to the Internet or an internal network. An asset may include, but is not limited to, web servers, name servers, IoT devices, network printers, etc. Example: foo.tld, bar.foo.tld, x.x.x.x.
  - The Attack Surface is, from the network perspective of an adversary, the complete asset inventory of an organization, including all actively listening services (open ports) on each asset.