Vast amounts of companies are leaving their corporate networks exposed, experts have revealed, risking the possibility of a second WannaCry-style malware outbreak.
The National Exposure Index report, compiled by security firm Rapid7, revealed that internal file-sharing systems were being exposed by over one million unsecured endpoints, potentially exposing business-critical systems and data to malicious external hackers.
The vast majority of the vulnerable endpoints observed by Rapid7 - more than 800,000, in fact - were Windows systems that used the server message block (SMB) protocol. A vulnerability in this protocol is one of the main reasons behind the swift and prolific spread of the WannaCry ransomware earlier this year, which used the flaw to propagate across the internet.
Running a scan for SMB port 455 revealed over 5.5 million responsive nodes, and Rapid7 warned that blocking these ports from being publicly-addressable could go a long way towards stopping the spread of similar attacks to WannaCry in the future.
However, the report did note some areas of improvement. Belgium, last year's most exposed country, did not even make the top 50 in 2017's report after 250,000 publicly-exposed servers had their access culled.
Similarly, there has been a 33% drop in the amount of telnet exposure. This was partly judged to be a result of ISPs blocking access to port 23 in response to the Mirai botnet - although Rapid7 also noted that it was likely due in part to nodes being knocked offline by Mirai itself.
Zimbabwe, Hong Kong and Samoa topped this year's list of the most exposed countries. The UK came in at number 37, despite having the world's fourth-largest allocation of IPv4 addresses.
"The UK's position at #37 on the National Exposure Index is reflective of the fact that while it is generally in line with similar nations' exposure, the UK has an uncomfortably high exposure rate of qualified SMB," Rapid7 said as part of the report. "IT administrators and internet service providers in the UK would do well to review what is both allowed and expected to be available on the internet."
-
Pure Storage’s expanded partner ecosystem helps fuel Q3 growthNews The data storage vendor has announced a 16% year-over-year revenue hike in its latest earnings report, driven by continued channel and product investment
-
Partners have been ‘critical from day one’ at AWS, and the company’s agentic AI drive means they’re more important than everNews The hyperscaler is leaning on its extensive ties with channel partners and systems integrators to drive AI adoption
-
15-year-old revealed as key player in Scattered LAPSUS$ HuntersNews 'Rey' says he's trying to leave Scattered LAPSUS$ Hunters and is prepared to cooperate with law enforcement
-
The Scattered Lapsus$ Hunters group is targeting Zendesk customers – here’s what you need to knowNews The group appears to be infecting support and help-desk personnel with remote access trojans and other forms of malware
-
Impact of Asahi cyber attack laid bare as company confirms 1.5 million customers exposedNews No ransom has been paid, said president and group CEO Atsushi Katsuki, and the company is restoring its systems
-
The US, UK, and Australia just imposed sanctions on a Russian cyber crime group – 'we are exposing their dark networks and going after those responsible'News Media Land offers 'bulletproof' hosting services used for ransomware and DDoS attacks around the world
-
A notorious ransomware group is spreading fake Microsoft Teams ads to snare victimsNews The Rhysida ransomware group is leveraging Trusted Signing from Microsoft to lend plausibility to its activities
-
Volkswagen confirms security ‘incident’ amid ransomware breach claimsNews Volkswagen has confirmed a security "incident" has occurred, but insists no IT systems have been compromised.
-
The number of ransomware groups rockets as new, smaller players emergeNews The good news is that the number of victims remains steady
-
Teens arrested over nursery chain Kido hacknews The ransom attack caused widespread shock when the hackers published children's personal data
