Why the telecoms industry is particularly vulnerable to BlueKeep
The industry's exposure far exceeds any other, but it's not down to incompetence
The telecoms industry is considerably more vulnerable to the Windows BlueKeep exploit five months after its discovery than any other sector, according to new research.
BlueKeep is a remote code vulnerability discovered in May 2019 that affected nearly all versions of Windows and, if exploited, would give an attacker the highest possible privileges on a system.
The vulnerability was so severe that Microsoft released a security patch for it, including an out-of-band update for several versions of Windows that have gone end of life, such as Windows XP which hasn't received a security update since 2014.
Since the Department of Homeland Security and individuals in the private sector developed working exploits of the BlueKeep vulnerability, businesses have been scrambling to update their systems, but according to research from BitSight, over 800,000 systems still remain vulnerable representing just a 17% reduction in vulnerable systems since May.
The researchers said progress has been made across all the industries included in the study, but that telecoms is far more exposed than any sector, with more than 30% of systems still vulnerable to BlueKeep compared to education, the next most at risk area, at just over 5%.
BitSight attributed the huge discrepancy to the fact that "telecommunications companies usually host end-customer systems that they cannot upgrade themselves, which may explain the higher ratio for this industry sector".
"Telecommunications and education [industries] often provide transit services and thus many of the issues affecting those industries are on systems of their customers," the research read. "Residential networks are included as part of the telecommunication industry while in education, the largest group typically represents students."
The industries most responsive when mitigating the vulnerability include the legal, insurance and financial services, all of which were the least vulnerable to BlueKeep in the first place.
The education sector experienced the most significant reduction in industry-wide vulnerability, as evidenced by the table above, but it still languishes behind nearly every other type of organisation.
It was also revealed that China is the country with the most vulnerable systems, closely followed by the US.
"China showed the highest absolute improvement by reducing the number of exposed vulnerable systems by 109,670 which represents a 23.9% decrease," read the report. "The United States followed suit by showing 26,787 fewer vulnerable systems exposed, representing a 20.3% decrease."
"However, there were a number of other countries that saw an increase in the number of exposed systems," the report added. "Most notably was South Korea showing an increase of 3,430 vulnerable exposed systems, a 14.5% increase, and Estonia with 146, a 32.2% increase."