Critical Infrastructure is Ripe for Cyberattacks, CybelAngel Study Reveals
CybelAngel, a specialist in external attack surface management cybersecurity technology, found that while many companies have successfully defended their own security perimeter, critical infrastructure and other modernizing industries have “fallen short.”
The newly released report, entitled the 2023 External Attack Surface: Annual Threat Trends Analysis Report, highlights the critical paths hackers will take to get to their target. The report also covers trends in cybercrime, key areas of data risk and a breakdown of exposures by industry.
Firewall Exposure the Biggest Threat
The findings reveal that exposures outside of an organization’s firewall are the greatest source of cybersecurity threats. Across all industries, these vulnerabilities, composed of unprotected or compromised assets, data and credentials, have proven to be an increasing challenge for organizations to detect and secure.
Here are the study’s key findings:
- 87% of all detected threats are from third-party or malicious actors.
- 9% of all detected internet-facing assets had an associated unpatched vulnerability. The top 10 CVEs (common vulnerabilities and exposures) were found unpatched at least 12 million times each.
- More than 70 billion files, including intellectual property and financial information, are currently freely available, unprotected, on unsecured web servers.
- The trends within these detections are even more concerning when viewed against industries, with a significant number of risk areas threatening critical infrastructure, including telecommunications, construction, and oil and gas.
The top three exposed industries are:
- Retail had a disproportionately high number of malicious domains and many vulnerabilities detected in its assets.
- Telecommunications ranked notably high in areas such as open ports, unsecured databases, sensitive documents, leaked credentials and dark web activity.
- Business Services is overrepresented in dark web activity and the number of malicious domains.
Commenting on the findings, Erwan Keraudy, CybelAngel chief executive and co-founder, said:
“With the majority of detected risks originating from external assets and actors, the threats these industries face today are ultimately the same. This highlights an immediate need for a security mindset overhaul. Passive and reactive security measures are no longer enough in today’s security landscape.
“Cybersecurity teams must take a proactive and comprehensive stance on looking for early indicators of risk, which requires full visibility into the [external attack surface management] including known assets, shadow assets, partner, vendor, supplier assets and more.”
More From the Report
Additional findings include:
- Information Stealer malware will proliferate within the enterprise. Many of the exposed emails in different breaches either share the same password or a close variation of another exposed password. Looking at credential leaks and dark web marketplace activity, malware designed to steal this data will grow rapidly.
- Shadow IT, including operational technology (OT) and the internet of things (IoT), will increase. The report found that 8% of all detected OT/IoT devices had vulnerabilities, which can serve as a bridge to breach an otherwise secure network.
- The number of unsecured and misconfigured clouds will rise with cloud adoption. CybelAngel detected 1.4 million misconfigured cloud devices.