The report discovered that 88% of current internet-related risks are driven by misconfigurations and exposures
Ann Arbor, Michigan.And the September 12, 2022 /PRNewswire/ – today, sensesthe leading attack surface management (ASM) company, announced its inaugural launch Internet Status ReportA comprehensive view of the risks of the Internet and the exposure of institutions to them. This first-of-its-kind report also provides perspective on how security practitioners have addressed several vulnerabilities over the past 18 months, while providing guidance for organizations on how to prioritize and evaluate security maintenance for their Internet-connected business assets.
The inaugural report compiled by Censys’ research team is inspired by the company’s technology, which maintains the most comprehensive view of online assets by continuously scanning the public IPv4 address space across more than 3,600+ popular ports. The mission of the Censys research team is to conduct timely and critical research on Internet exposure and to enable the broader cybersecurity community to take rapid action that mitigate future problems.
By carefully examining the most prevalent ports, services, and software on the Internet, and the systems and regions in which they are run, the research team at Censys discovered that Misconfigurations and exposures account for 88% risks and vulnerabilities over the Internet. Using Censys’ Internet-wide scanning capabilities and risk detection fingerprints, the State of the Internet report provides a view of assets and vulnerabilities across an organization’s Internet infrastructure in three divisions: the Internet as a whole, the Internet’s attack surface, and the organizations’ attack surfaces.
“Assessing the state of the internet is critical in understanding the risks and exposures of the organization,” said Zakir Duromeric, co-founder and chief scientist at Censys. “Censys’ unique perspective on the Internet provides a comprehensive view of the potential consequences of misconfigurations, while identifying the critical need for security teams to increase visibility and understanding to make smart security decisions.”
Censys’ State of the Internet 2022 report found that:
- wrong configurations – including unencrypted services, weak or missing security controls, and self-signed certificates – They constitute approximately 60% of the observed risks. When analyzing the risk profile of organizations across industries, the lack of common security addresses is responsible for the underlying security error.
- exposures of services, devices and information account for 28% of the observed risks. This includes everything from the accidental database to device exposures.
- Critical vulnerabilities and advanced exploits account for only 12% of the observed risks. When analyzing organizations by industry, the computer and information technology industries had the widest spread of various risks, while freight forwarding and postal services had the second largest.
Censys researchers also conducted a comprehensive assessment of the Internet’s response to three major vulnerabilities – Log4j, GitLab and Confluence – to understand mitigation strategies based on how the vulnerability is perceived. From this analysis, Censys has learned how the Internet responds differently to detection of vulnerabilities.
Censys notes three distinct types of behavior in response to disclosure of vulnerabilities:
- Almost instant upgrade: Systems vulnerable to Log4j acted quickly based on the wide coverage of the vulnerability. by March 2022Censys noted that only 36% of potentially vulnerable services were not fixed.
- Upgrade only after the vulnerability is actively and extensively exploited: While exploiting the GitLab vulnerability, the repair process was slower than others until researchers discovered a botnet of thousands of compromised GitLab servers participating in DDoS campaigns.
- Almost instant response by completely removing the vulnerable instance from the Internet: Instead of upgrading, users chose to completely remove the assets from the Internet after the Confluence vulnerability became public among June 2021 And the March 2022.
The Internet is constantly evolving as new technologies emerge, vulnerabilities are discovered, and organizations expand their operations that interact with the Internet. Security teams have a responsibility to protect their organizations’ digital assets and need proper visibility into the entire landscape to do so. While vulnerabilities often grab the headlines, it’s faulty configurations and undetected exposures that create the most risk to the enterprise, making it important to regularly evaluate any new hosts or services that appear in your infrastructure. Regardless of the type of vulnerability, providing organizations with the insight and tools to strengthen their security posture offers a proactive and more vigilant approach to managing digital risks.
To download the full report, visit: https://censys.io/state-of-the-internet-report/
To learn more about Censys’ approach to organizational vision, visit: https://www.censys.io.
Censys, Inc. ™ It is the leading provider of persistent attack surface management. Founded in 2013 in Ann Arbor, MichiganCensys provides organizations with the world’s most comprehensive, real-time view of global networks and devices. Customers like FireEye, Google, NATO, the Swiss Armed Forces, the US Department of Homeland Security, and more than 10% of the Fortune 500 rely on the company’s online persistent visibility platform to detect and prevent cybersecurity threats. At Censys, you can be yourself. We like it this way. Diversity enhances our mission, and we are committed to inclusion across race, gender, age and identity. To learn more, visit censys.io and follow Censys on Twitter.