Palo Alto Networks releases 2021 Cortex Xpanse Attack Surface Threat report
Published on: Saturday 22-05-2021
Lessons in attack surface management from leading global enterprises.

Mumbai, May 2021: Palo Alto Networks has released the 2021 Cortex Xpanse Attack Surface Threat Report, which highlights lessons in attack surface management from leading global enterprises.
The Palo Alto Networks Cortex® Xpanse™ research team studied the public-facing internet attack surface of some of the world's largest businesses to help enterprises. From January to March, they monitored scans of 50 million IP addresses associated with 50 global enterprises to understand how quickly adversaries can identify vulnerable systems for fast exploitation.
Key Reveals:
· Adversaries are constantly scanning for weaknesses in the public-facing internet attack surface of enterprises, in the cloud and traditional data centres. Attackers scan for vulnerable systems once an hour on a typical day, but this activity picks up dramatically when new vulnerabilities are disclosed.
· Scans started within 5 minutes after disclosure of the high-profile zero-day vulnerabilities in Microsoft's widely used Exchange Server.
· Scans started within 15 minutes after most vulnerabilities were announced.
· Global enterprises are far behind the attackers. It takes weeks for such scans to begin.
· Vulnerabilities in the public-facing internet of global enterprises are widespread. One serious vulnerability turned up twice a day, or every 12 hours, in the global enterprises we studied.
As global enterprises transformed their operations to support remote work, security gaps were created:
· 79% of observed exposures were in the cloud, compared to 21% for on-premises data centres.
· Nearly one in three vulnerabilities uncovered were due to issues with Remote Desktop Protocol (RDP), whose usage has soared to enable remote work. It can provide direct admin access to a server, which makes it one of the most common gateways for ransomware.
Concerns about digital transformation introducing security gaps not only proved grounded but also understated the impact.
In reality, digital transformation has realigned the risk equilibrium in the attacker's favour. Most tools in IT and security's arsenal, viz., asset and vulnerability management, focus on evaluation but not discovery. In other words, these tools manage known assets while remaining blind to unknown ones. Worse yet, the common methods of discovering unknown assets—such as pen-testing—take place on a quarterly basis.
Cortex Xpanse operates a proprietary platform that continuously collects more than one petabyte per day of information related to all systems on the public internet to ascertain how attackers view potential targets. We fuse this information to discover cybersecurity risks present on the networks of the world's largest and most complex organisations, which no one else can find. Our technology helps our customers see the world through the eyes of highly sophisticated attackers.
For this report, they looked at the attack surface and threat data coming from 50 global enterprises, including a subset of the Fortune 500, covering around 50 million IP addresses from Q1 2021 (January 2021 – March 2021) and representing 1% of the total global IPv4 space.
Full report attached for reference: https://www.attacksurfacetop10.com/assets/Cortex-Xpanse-ASM_Report.pd