The report finds 88% of current Internet-connected risks are caused by misconfigurations and exposures
ANN ARBOR, Mich., September 12, 2022 /PRNewswire/ — Today CensysThe leader in Offensive Surface Management (ASM), made its debut State of the Internet Report, a holistic view of Internet risks and organizations’ exposure to them. This first-of-its-kind report also provides perspectives on how security professionals have addressed several gaps over the past eighteen months, while offering guidance for organizations to prioritize and evaluate the security of Internet-connected business assets.
The first report, compiled by the Censys research team, is informed by the firm’s technology, which provides the most comprehensive view of assets on the Internet by continuously scanning the public IPv4 address space on the 3,600+ most popular ports. The Censys research team’s mission is to provide timely and critical research on Internet exposure and enable the broader cybersecurity community to take rapid action to mitigate future problems.
By carefully examining which ports, services, and software are most prevalent on the Internet and the systems and regions they run on, Censys’ research team found that misconfigurations and exposures are 88% Risks and vulnerabilities on the Internet. Using Censys’ Internet-wide scanning capabilities and risk detection fingerprints, the State of the Internet Report provides visibility into the assets and vulnerabilities of an organization’s Internet infrastructure in three sections: the Internet as a whole, the Internet Attack Surface, and Organizational Attack Surfaces.
“Assessing the state of the Internet is critical to understanding an organization’s own risks and exposures,” said Zakir Durumerich, Censys co-founder and chief scientist. “Censys’ unique Internet perspective, along with a comprehensive view of the potential consequences of misconfigurations, illustrates the critical need security teams need for enhanced visibility and understanding to make intelligent security decisions.”
Censys’ 2022 State of the Internet Report found:
- Incorrect configurations – including unencrypted services, weak or missing security controls and self-signed certificates – it is about 60% of the observed risks. When analyzing the risk profile of organizations across industries, missing common security headlines constituted a major security flaw.
- Exposures the number of services, devices and data accounts for 28% of observed risks. This includes everything from random databases to device exposures.
- Critical vulnerabilities and advanced exploits account for only 12% of observed risks. When analyzing organizations by industry, the Computer and Information Technology industry has the highest prevalence of various risks, while Freight and Postal Services have the second highest prevalence.
Censys researchers also conducted a holistic assessment of the Internet’s response to three major vulnerabilities—Log4j, GitLab, and Confluence—to understand mitigation strategies based on how the vulnerability is perceived. From this analysis, Censys learned how the Internet reacts differently to the disclosure of vulnerabilities.
Censys observed three distinct types of behavior in response to vulnerability disclosures:
- Instant upgrade: Systems vulnerable to Log4j acted quickly based on the vulnerability’s wide scope. By March 2022Censys observed that only 36% of potentially vulnerable services remained unpatched.
- Only upgrade after the vulnerability is actively and widely exploited: When exploiting the GitLab vulnerability, the remediation process moved slower than others until researchers discovered a botnet of thousands of compromised GitLab servers involved in DDoS campaigns.
- Respond immediately by removing the sensitive sample completely from the Internet: After Confluence’s vulnerability became public, users chose to completely remove assets from the Internet rather than upgrade. June 2021 and March 2022.
The Internet is constantly evolving as new technologies emerge, vulnerabilities are discovered, and organizations expand their Internet-interacting operations. Security teams are responsible for protecting their organization’s digital assets, and to do so they need proper visibility across the entire landscape. While vulnerabilities often make the bigger headlines, it’s undetected misconfigurations and exposures that pose the greatest risk to an organization, making it important to regularly assess any new hosts or services that appear in your infrastructure. Regardless of the type of vulnerability, providing organizations with the visibility and tools they need to strengthen their security posture provides a proactive, more vigilant approach to digital risk management.
To download the full report, visit: https://censys.io/state-of-the-internet-report/
To learn more about Censys’ approach to organizational visibility, visit: https://www.censys.io.
Censys, Inc.™ is a leading provider of continuous attack surface management. It was established in 2013 Ann Arbor, Michigan, Censys provides organizations with the world’s most comprehensive real-time view of global networks and devices. Customers such as FireEye, Google, NATO, the Swiss Armed Forces, the US Department of Homeland Security and more than 10% of the Fortune 500 rely on the company’s continuous Internet visibility platform to detect and prevent cybersecurity threats. At Censys, you can be yourself. We like it that way. Diversity fuels our mission, and we are committed to inclusion across race, gender, age, and identity. For more information, visit censys.io and follow Censys on Twitter.