The level of today’s digital attack surface is highly damaging, if internet-wide
telemetry and an enormous amount of internet data of an organization, is anything to go by.
Cyber-attacks across the globe are increasing, with the widespread telemetry and Big Data usage. It is essential to realize that the modern corporate digital attack surface is letting more attackers exploit data amid the COVID-19 crisis. Recently, RiskIQ has analyzed the critical business concerns around the subject and published its latest report, titled – ‘Analysis of an Attack Surface: Five Ways Hackers are Targeting Organizations’. The research is a data-driven study of the company’s digital presence across multiple areas where they lack visibilities. As a result, malicious actors are exploiting these available blind spots.
The company’s unique technology and strategies have extracted terabytes of internet data for mapping several associations between the internet-exposed infrastructures to assess digital risk. As mentioned by Lou Manousos, CEO at RiskIQ – “Today, organizations are responsible for defending not only their internal network, but also their digital presence across the internet and the cloud…Bringing the massive scope of an organization’s attack surface into focus helps frame the challenges of extending cybersecurity outside the corporate firewall, especially as staff is forced to work from home in response to COVID-19 push that boundary farther out”
RiskIQ noted that while carrying out this research, their systems daily scanned hundreds of unique ports and related service banners – spanning the IPv4 space, effecting billions of HTTP requests. This helped to take in DNS data and take out web components like SSL certificates, cookies, and tracking code. Some of the principal findings from the report are –
a] The worldwide attack surface is bigger than one could expect – The report found 2,959,498 new domains (precisely, 211,392 per day) and 772,786,941 new hosts 55,199,067 per day across the web in two weeks – each of them representing a potential target for the threat actors.
b] Hackers might know more about an attack surface than the company – Considering the attack surfaces of FTSE-30 companies, every firm had about 324 expired certificates and nearly 46 web frameworks (on average) with the known vulnerabilities.
c] Hidden attack surface – In Q1 of 2020, RiskIQ had identified around 21,496 phishing domains spanning 478 unique brands.
d] Mobile attack surface – Last year, the researchers found 170,796 blacklisted mobile applications across 120 mobile apps stores and on the open internet.
Organizations need to understand how their system looks like from the outside-in. therefore; it may be a good idea to develop an attack surface management program that will enable businesses to find out information linked with their organization on the web. It can get both legitimate and malicious details (if any), and can also inspect the targeted risks.