Fifty-nine percent of enterprise endpoints still run Microsoft Windows 7 -- leaving organizations at a greater risk for ransomware attacks like WannaCry, new research shows.
Moreover, some 13 percent of endpoints are browsing on an unsupported version of Internet Explorer that is no longer receiving security updates, and more than half are running an out-of-date version of Flash that is not protected against the latest known vulnerabilities, according to the 2017 Duo Trusted Access Report.
In stark contrast, we suspect that most desktops managed by MSPs and MSSPs are in far better shape. According to Datto, only a handful of its 6,000+ MSPs experienced any issues during the recent WannaCry outbreak. The likely reason: Most MSPs require customers to have the most up-to-date operating systems, applications and associated patches.
Cybersecurity Research From Due Security
Enterprises, many of which manage security on their own, aren't quite so fortunate.
Duo Labs, the research team at Duo Security, tapped its database of customers from a wide variety of industries and company sizes to assess the current security health of devices used to access the enterprise environment. The research included data from 4.6 million endpoints used by businesses worldwide, including 3.5 million mobile phones, completing more than 200 million authentications per month.
While the research and analysis uncovered some alarming security trends - including the widespread use of unpatched and out-of-date software, systems and servers that are prime targets for attackers - there were some slivers of good news.
For one thing, the number of endpoints running on Windows 10 is more than double what it was in the same survey last year. Thirty-one percent are now running the latest version of Windows, compared to just 15 percent in 2016.
Cybersecurity Research By Region, Industry
Europe, the Middle East and Africa (EMEA) are slightly more up to date than North America, with 40 percent of endpoints running the latest Windows 10 operating system (OS), compared to 31 percent in the U.S. and Canada.
In the U.K, the figure was 37 percent.
Industry Breakdown: Unsurprisingly, the tech industry has the highest number of endpoints running the latest Windows 10. The machinery and healthcare industries have the lowest percentages, making them susceptible to vulnerabilities that only affect old, unpatched OSs.
In healthcare, 3 percent of endpoints are still running Windows XP, even though Microsoft ended security support for the software in 2014 -- potentially running afoul of HIPAA.
For macOS, the environmental industry fares well with 57 percent of endpoints running an up-to-date version. State and local government lag the furthest behind, with 76 percent running a two-year-old OS version.
Biotech came in last for mobile security features, with the lowest amount of mobile devices with screen lock or encryption enabled, while the tech industry wins again in this category with the highest adoption of Touch ID/fingerprint authentication and encrypted phones.
The Importance of Patching
The report emphasized the importance of patching - though it is not always easy, affordable or quick - for warding off attacks like WannaCry.
WannaCry's worm-like ransomware exploited a Windows Server Message Block (SMB) bug affecting unpatched versions of the Windows OS, affecting more than 300,000 computers across the world and bringing critical operations at hospitals, government agencies, energy firms and more to a halt.
According to Kaspersky Lab, it was later determined that 98 percent of computers affected by the initial attack were running Windows 7. And since Microsoft had released a patch to fix the SMB bug exploited by WannaCry back in March, that means those systems hadn’t been patched for at least two months.
