Over a million corporate file-shares are exposed to attacks

Vulnerable SMB ports could lead to a second WannaCry outbreak, say experts

Click here for malware

Vast amounts of companies are leaving their corporate networks exposed, experts have revealed, risking the possibility of a second WannaCry-style malware outbreak.

The National Exposure Index report, compiled by security firm Rapid7, revealed that internal file-sharing systems were being exposed by over one million unsecured endpoints, potentially exposing business-critical systems and data to malicious external hackers.

The vast majority of the vulnerable endpoints observed by Rapid7 - more than 800,000, in fact - were Windows systems that used the server message block (SMB) protocol. A vulnerability in this protocol is one of the main reasons behind the swift and prolific spread of the WannaCry ransomware earlier this year, which used the flaw to propagate across the internet.

Running a scan for SMB port 455 revealed over 5.5 million responsive nodes, and Rapid7 warned that blocking these ports from being publicly-addressable could go a long way towards stopping the spread of similar attacks to WannaCry in the future.

However, the report did note some areas of improvement. Belgium, last year's most exposed country, did not even make the top 50 in 2017's report after 250,000 publicly-exposed servers had their access culled.

Similarly, there has been a 33% drop in the amount of telnet exposure. This was partly judged to be a result of ISPs blocking access to port 23 in response to the Mirai botnet - although Rapid7 also noted that it was likely due in part to nodes being knocked offline by Mirai itself.

Zimbabwe, Hong Kong and Samoa topped this year's list of the most exposed countries. The UK came in at number 37, despite having the world's fourth-largest allocation of IPv4 addresses.

"The UK's position at #37 on the National Exposure Index is reflective of the fact that while it is generally in line with similar nations' exposure, the UK has an uncomfortably high exposure rate of qualified SMB," Rapid7 said as part of the report. "IT administrators and internet service providers in the UK would do well to review what is both allowed and expected to be available on the internet."

Featured Resources

The ultimate guide to business connectivity in field services

A roadmap to increased workplace efficiency

Free download

The definitive guide to migrating to the cloud

Migrate apps to the public cloud with multi-cloud infrastructure solutions

Free download

Transform your network with advanced load balancing from VMware

How to modernise load balancing to enable digital transformation

Free download

How to secure workloads in hybrid clouds

Cloud workload protection

Free download

Recommended

Researchers disclose top flaws abused by ransomware gangs
ransomware

Researchers disclose top flaws abused by ransomware gangs

20 Sep 2021
One-in-seven Nasdaq-100 companies ranked as highly susceptible to a ransomware attack
cyber crime

One-in-seven Nasdaq-100 companies ranked as highly susceptible to a ransomware attack

16 Sep 2021
Large US businesses are hackers' ideal ransomware targets
ransomware

Large US businesses are hackers' ideal ransomware targets

7 Sep 2021
Criminals caught trying to recruit insiders to plant ransomware
ransomware

Criminals caught trying to recruit insiders to plant ransomware

20 Aug 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

17 Sep 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

17 Sep 2021