Cybersecurity report reveals critical business vulnerabilities

Across the business sector, companies are reporting a higher-than-ever frequency of cyberattacks and cybercrime.

This is in part due to COVID-19 — hackers, wanting to take advantage of the chaos caused by the pandemic, growing digitalization, and the pivot to work-from-home, have stepped up their attack efforts over the past 18 months.

All businesses — from small ecommerce retailers to major oil and gas companies — are at risk. However, predicting which assets hackers will attack can be challenging, potentially making business networks harder to defend.

Exploitable assets become a liability

According to data from a new Randori report, titled “The Attack Surface Report,” 1 in 15 organizations are running vulnerable versions of SolarWinds. Some of these versions contain exploits that can provide attackers with unauthenticated remote code execution, granting the hackers access to full control of a system.

As attacks become more frequent, exploitable assets can become a serious liability for businesses.

To assist businesses with identifying vulnerable assets, Randori has developed a measure that aims to predict how tempting a given asset is to cybercriminals.

The “Temptation Score” is calculated using a proprietary weighting of six asset characteristics, including enumerability, criticality, post-exploitation potential, and research potential.

Randori observed more than 100,000 assets with these characteristics to develop the new metric and gather data on the state of internet-exposed assets.

The report notes that many organizations continue to use vulnerable versions of SolarWinds, and goes on to describe why the company considers these assets tempting for hackers.

SolarWinds is particularly attractive to hackers due to its wide usage and prevalence of well-known exploits. Other examples of vulnerable software with high Temptation Scores include Microsoft IIS 6, remote desktop protocols (RDPs), VPNs such as Cisco’s Adaptive Security Appliance (ASA), or Citrix NetScaler.

According to the report, at least 15% of companies have an exposed version of IIS 6 online, 38% of organizations use Cisco’s ASA firewall, and 46% of organizations are running Citrix…