Over a million corporate file-shares are exposed to attacks

Vulnerable SMB ports could lead to a second WannaCry outbreak, say experts

Click here for malware

Vast amounts of companies are leaving their corporate networks exposed, experts have revealed, risking the possibility of a second WannaCry-style malware outbreak.

The National Exposure Index report, compiled by security firm Rapid7, revealed that internal file-sharing systems were being exposed by over one million unsecured endpoints, potentially exposing business-critical systems and data to malicious external hackers.

Advertisement - Article continues below

The vast majority of the vulnerable endpoints observed by Rapid7 - more than 800,000, in fact - were Windows systems that used the server message block (SMB) protocol. A vulnerability in this protocol is one of the main reasons behind the swift and prolific spread of the WannaCry ransomware earlier this year, which used the flaw to propagate across the internet.

Running a scan for SMB port 455 revealed over 5.5 million responsive nodes, and Rapid7 warned that blocking these ports from being publicly-addressable could go a long way towards stopping the spread of similar attacks to WannaCry in the future.

However, the report did note some areas of improvement. Belgium, last year's most exposed country, did not even make the top 50 in 2017's report after 250,000 publicly-exposed servers had their access culled.

Similarly, there has been a 33% drop in the amount of telnet exposure. This was partly judged to be a result of ISPs blocking access to port 23 in response to the Mirai botnet - although Rapid7 also noted that it was likely due in part to nodes being knocked offline by Mirai itself.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Zimbabwe, Hong Kong and Samoa topped this year's list of the most exposed countries. The UK came in at number 37, despite having the world's fourth-largest allocation of IPv4 addresses.

"The UK's position at #37 on the National Exposure Index is reflective of the fact that while it is generally in line with similar nations' exposure, the UK has an uncomfortably high exposure rate of qualified SMB," Rapid7 said as part of the report. "IT administrators and internet service providers in the UK would do well to review what is both allowed and expected to be available on the internet."

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now
Advertisement

Recommended

Visit/security/29204/how-can-you-protect-your-business-from-crypto-ransomware
Security

How can you protect your business from crypto-ransomware?

4 Nov 2019
Visit/security/ransomware/356292/university-of-california-gets-fleeced-by-hackers-for-114-million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Visit/security/cyber-security/356289/australia-announces-135b-investment-in-cybersecurity
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
Visit/cloud/cloud-security/356288/csa-and-issa-form-cybersecurity-partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020

Most Popular

Visit/business/business-operations/356395/nvidia-overtakes-intel-as-most-valuable-us-chipmaker
Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020
Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/hardware/components/356405/is-it-time-to-put-intel-outside
components

Is it time to put Intel Outside?

10 Jul 2020