Zscaler: Cloud infrastructure at risk from expanded attack surfaces

Elevate your enterprise data technology and strategy at Transform 2021.

Nearly 400,000 servers belonging to 1,500 companies around the world are exposed and discoverable over the internet — meaning anyone in the world can try to access them, not just bad actors, according to the 2021 “Exposed” Report from cloud security company Zscaler.

Above: Cloud servers from public providers expand the organization’s attack surface and risks of exposure. 

Knowing a server exists is half the battle. If the actor knows about the server, the actor can then poke around the application stack or server configuration for potential vulnerabilities to exploit. For example, “Exposed” report found that 47% of the supported protocols were outdated and vulnerable to attack.

The typical organization has an average of 262 servers exposed, Zscaler said.

Public cloud providers Amazon Web Services (AWS), Microsoft Azure Cloud, and Google Cloud Platform (GCP) pose a huge risk of attack surface exposure with over 60,500 instances, averaging 40 exposures per company, the report found. Public cloud exposure can be particularly dangerous as many IT security leaders may be unaware of the scope of cloud infrastructure in use within their organizations. IT leaders should take steps to discover the extent of public cloud usage across their organizations and identify ways to reduce the attack surface.

The hospitality industry, which includes restaurants, bars, and food service vendors, had the highest average of exposed servers and public cloud instances. AWS instances were exposed 2.9 times more often than servers from other cloud providers. The COVID-19 pandemic likely contributed to the high number of exposed servers as many establishments had to scramble in a short period of time to set up online ordering and digital payment systems.

As cloud adoption continues to grow, cloud exposure will also increase. Zscaler said.

For the 2021 “Exposed” Report, Zscaler analyzed 1,500 organizations’ visible attack surfaces to highlight and identify attack surface trends that are affecting businesses of all sizes across all geographies and industries. The time span of the analysis for this report provided a first-ever look at the possible impact on attack surface due to remote work during the global pandemic.

Read the full Exposed Report from Zscaler.

VentureBeat

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Source: Read Full Article