Associations are presenting more than 300 new services every month, adding to almost 32% of high or critical cloud exposures, according to a new report by Palo Alto Organizations’ Unit 42.
This fast extension of digital services is making an intricate cybersecurity landscape, the firm cautioned, making it progressively hard for organizations and government entities to keep a precise stock of their IT resources, which are prime targets for attackers.
The Attack Surface Threat Report highlights that 73% of high-risk exposures are stemmed from three main categories.
- Business operations applications
- Remote access services
- IT and networking infrastructure
These categories can be exploited for lateral movement and data exfiltration, posing significant organizational risks.
Notably, over 23% of these exposures are involved with critical IT and security infrastructure, leaving essential networking and security appliances vulnerable to opportunistic attacks.
Vulnerabilities in application-layer protocols like SNMP, NetBIOS and PPTP, as well as internet-accessible administrative login pages for routers, firewalls, VPNs and other core networking and security appliances, further exacerbate these risks.
The media and entertainment sector adds in excess of 7000 new administrations month to month. Different areas, including broadcast communications, protection and pharma and life sciences, additionally face significant increments, with north of 1000 new administrations added to their assault surfaces. Basic businesses like monetary administrations, medical care and assembling each present north of 200 new services.
The analysis conducted by Unit 42 also revealed that 25% of observed incidents are accounted for by IT and networking infrastructure vulnerabilities, including weaknesses in protocols and configurations.
Additionally, over 23% of total exposures are represented by remote access services such as RDP and SSH, with significant security risks posed due to improper configurations.
The report outlined a framework for assessing attack surface risk, combining the potential costs of a breach—financial loss, operational disruptions, reputational damage and regulatory penalties—with the likelihood of such breaches, influenced by vulnerabilities in internet-exposed assets.
To mitigate these risks, continuous scanning of internet-exposed services is recommended by Unit 42, with a focus on prioritizing high-risk vulnerabilities and utilizing automation for swift identification and remediation.
