
42% more plaintext HTTP servers than HTTPS counterparts - report

05 Aug 2020

There are 42% more plaintext HTTP web servers than there are encrypted HTTPS servers, according to a report released recently by Rapid7.

The company’s National/Industry/Cloud Exposure Report (NICER) shed light on the changing internet risk landscapes of 2020, and other issues facing cybersecurity teams.

According to the report, the United States leads the world in the prevalence of dangerous or otherwise flawed services, such as FTP, Telnet, and open, insecure databases. Following the US are China, South Korea, the UK, Germany and Brazil, with Australia coming in at 14th place.

Here are some of the highlights of the report:

Top companies remain at risk

The report found that unpatched services with known vulnerabilities were rife among the top publicly traded companies in advanced economies – with particular issues in the financial services and telecommunications industries.

Both sectors carry thousands of high-rated Common Vulnerabilities and Exposures (CVEs), a problem the report expects to worsen as economic prospects deteriorate amid the COVID-19 pandemic.

Internet exposure has improved

Dangerous or insecure services, such as those based on the SMB or rsync file-sharing protocols, have seen an average annual decrease of 13%.

Meanwhile, exposure of protocols with stronger built-in security, such as SSH (Secure Shell) and DoT (DNS-over-TLS), has increased overall, the report found.

These findings contradict the doom-and-gloom predictions of many commentators, who expected a jump in newly exposed insecure services such as Telnet and SMB as millions of people suddenly shifted to working from home and Internet of Things (IoT) devices continued to crowd residential networks.

Patches leave a lot to be desired

Rapid7’s report found that only 73% of internet-facing Citrix systems have the latest patches or mitigations in place, with the remaining 27% either being vulnerable or ‘woefully outdated’.

Worldwide, patch and update adoption continues to be slow for a wide range of internet services, even for modern services with reports of active exploitation.

This is particularly true in the areas of email handling and remote access where, for example, 3.6 million SSH servers are running versions between five and 14 years old.
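A practitioner reading that figure will want to run the same check against their own hosts. What follows is an added example, not code from the article or from Rapid7's report: it parses SSH server identification strings in the RFC 4253 format ("SSH-protoversion-softwareversion SP comments"), extracts the product and version, and flags servers that still speak the obsolete SSH-1 protocol or fall below a version floor. The version floors in MINIMUM_VERSION and the sample banners are constructed for illustration and are assumptions, not figures from the report; replace the floors with your own patch policy.

```python
import re
from dataclasses import dataclass
from typing import Dict, Iterable, Optional, Tuple

# RFC 4253 section 4.2 identification string:
#   SSH-protoversion-softwareversion SP comments CR LF
BANNER_RE = re.compile(
    r"^SSH-(?P<proto>\d+\.\d+)-(?P<software>\S+)(?: (?P<comments>.*))?$"
)

# Splits "OpenSSH_7.4p1" into ("OpenSSH", (7, 4)). Only an alphabetic product
# name followed by a dotted numeric version is recognised; anything else keeps
# the raw string and an empty version tuple.
SOFTWARE_RE = re.compile(r"^(?P<product>[A-Za-z]+)[_-]?(?P<version>\d+(?:\.\d+)*)")

# Hypothetical patch-level policy (an assumption, not a figure from the report):
# the lowest version the operator still accepts for each product.
MINIMUM_VERSION: Dict[str, Tuple[int, ...]] = {
    "OpenSSH": (8, 0),
    "dropbear": (2020, 79),
}


@dataclass(frozen=True)
class SshBanner:
    proto: str
    software: str
    comments: Optional[str]
    product: str
    version: Tuple[int, ...]


def parse_banner(line: str) -> Optional[SshBanner]:
    """Parse one server identification line; return None if it is not SSH."""
    m = BANNER_RE.match(line.rstrip("\r\n"))
    if not m:
        return None
    software = m.group("software")
    sm = SOFTWARE_RE.match(software)
    if sm:
        product = sm.group("product")
        version = tuple(int(x) for x in sm.group("version").split("."))
    else:
        product, version = software, ()
    return SshBanner(m.group("proto"), software, m.group("comments"), product, version)


def assess(banner: SshBanner, minimum: Dict[str, Tuple[int, ...]]) -> str:
    """Classify a parsed banner against the version policy."""
    # RFC 4253: protoversion "1.99" means the server also speaks obsolete SSH-1.
    if banner.proto == "1.99":
        return "ssh1-compatible"
    if not banner.proto.startswith("2."):
        return "ssh1-only"
    floor = minimum.get(banner.product)
    if floor is None or not banner.version:
        return "unknown-product"
    if banner.version < floor:
        return "outdated"
    return "ok"


def triage(lines: Iterable[str], minimum: Dict[str, Tuple[int, ...]] = MINIMUM_VERSION) -> Dict[str, str]:
    """Map each raw banner line to its status string."""
    results: Dict[str, str] = {}
    for line in lines:
        key = line.rstrip("\r\n")
        banner = parse_banner(line)
        results[key] = assess(banner, minimum) if banner else "not-ssh"
    return results


# Constructed sample banners (not real scan data), as a banner grab such as
# `nc host 22 | head -1` or a scan export would return them.
SAMPLE_BANNERS = [
    "SSH-2.0-OpenSSH_8.3\r\n",
    "SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u7\r\n",
    "SSH-2.0-OpenSSH_5.3\r\n",
    "SSH-1.99-OpenSSH_4.3\r\n",
    "SSH-2.0-dropbear_2019.78\r\n",
    "SSH-2.0-Cisco-1.25\r\n",
    "HTTP/1.1 400 Bad Request\r\n",
]

if __name__ == "__main__":
    for banner, status in triage(SAMPLE_BANNERS).items():
        print(f"{status:16} {banner}")
```

The banner alone only tells you the upstream version string; distributions such as Debian backport fixes without bumping it, so treat "outdated" as a prompt to verify the package's patch level on the host rather than as proof of a vulnerability.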

Australia performs well, comparatively

Rapid7 says Australia has done particularly well in addressing insecure and dangerous systems.

“Organisations in Australia have actually improved the security of internet services in the last year,” says Rapid7 vice president for Asia Pacific and Japan, Neil Campbell.

“Unfortunately, cyber-attackers have seen that and are now targeting the human factor as well. In addition to upgrading insecure services and patching systems, there are some fundamental human behaviours that have to be addressed.

“The only way to do that is through cyber awareness training.”

Campbell also sounded a warning about VPN concentrators and remote access services, on which many organisations have become more reliant since the coronavirus pandemic began.

“These have become the new Adobe Reader, which was a go-to attack vector at the height of its popularity and often went unpatched,” he says. 

“Even where the services are encrypted, the risk of remote code execution vulnerabilities or credential stuffing attacks means they are only really safe when patches are up to date and multi-factor authentication is used.”
