"36% Of Orgs Expose Insecure FTP Protocol to the Internet, and Some Still Use Telnet"
According to the ExtraHop Benchmarking Cyber Risk and Readiness report, a significant percentage of organizations expose insecure or highly sensitive protocols, such as SMB, SSH, and Telnet, to the public Internet. Whether intentional or unintentional, these exposures broaden any organization's attack surface by providing cyberattackers with an easy entry point into the network. Governments and security experts worldwide have noticed a significant increase in cyberattack activity since Russia's invasion of Ukraine. The Cybersecurity and Infrastructure Security Agency (CISA) and other government agencies such as ENISA, CERT-EU, ACSC, and SingCERT have urged businesses to focus on improving their overall security postures, beginning with reducing the likelihood of a damaging cyber intrusion. These agencies advise organizations to disable all unnecessary or insecure ports and protocols. ExtraHop conducted an analysis of enterprise IT environments in the new report to benchmark organizations' cybersecurity posture based on open ports and sensitive protocol exposure so that security and IT leaders can assess their risk posture and attack surface visibility in comparison to other organizations. SSH is the most vulnerable protocol. It is a well-designed protocol with strong cryptography that enables secure access to remote devices. It is also one of the most widely used protocols, making it a popular target for cybercriminals seeking to access and control enterprise devices. Sixty-four percent of organizations have at least one device exposed to the public Internet that uses this protocol. This article continues to discuss the key findings from ExtraHop's analysis.