- IT 리더가 지목한 AI 가치 실현의 최대 걸림돌은 ‘비용 관리’
- Los CIO consideran que la gestión de costes puede acabar con el valor de la IA
- 칼럼 | AI 에이전트, 지금까지의 어떤 기술과도 다르다
- The $23 Echo Dot deal is a great deal to upgrade your smart home this Black Friday
- Amazon's Echo Spot smart alarm clock is almost half off this Black Friday
Over 60% of Organizations Expose SSH to the Internet
A majority of global organizations are exposing sensitive and insecure protocols to the public internet, potentially increasing their attack surface, according to ExtraHop.
The vendor analyzed a range of enterprise IT environments to benchmark cybersecurity posture based on open ports and sensitive protocol exposure.
It found that 64% of those studied have at least one device exposing SSH, which could allow attackers to probe it for remote access.
The research also revealed that over a third (36%) of organizations are exposing at least one device via the insecure file transfer protocol (FTP), which sends files in plain text, meaning they can be easily intercepted.
Over two-fifths (41%) had at least one device exposing LDAP, which looks up usernames in Active Directory. The protocols transmits queries in plain text, potentially putting credentials at risk.
Astonishingly, ExtraHop also found that 12% of organizations still have at least one device exposing Telnet to the public internet, even though the remote connectivity protocol has been deprecated since 2002.
SMB, which was famously targeted by WannaCry and other attacks, is another common security risk for enterprises. Over half (51%) of healthcare and 45% of SLED organizations had multiple devices exposing the protocol.
ExtraHop CISO Jeff Costlow branded ports and protocols “the doors and hallways” which attackers use to explore networks and launch attacks.
“That’s why knowing which protocols are running on your network and what vulnerabilities are associated with them is so important,” he added.
“This gives defenders the knowledge to make an informed decision about their risk tolerance and take actions – such as maintaining a continuous inventory of software and hardware in an environment, patching software quickly and continuously, and investing in tools for real-time insights and analysis – to improve their cybersecurity readiness.”