There is a steady increase in attacks and changes in attack methods that target weaknesses in encryption, workload configuration, limited visibility into vulnerabilities, and outdated and unsupported operating systems, according to research by Alert Logic.
The research discovered 66% of SMB devices run Microsoft OS versions that have expired or will expire by January 2020, the majority of which are over 10 years old.
In support of the research, Alert Logic’s Threat Intelligence team analyzed more than 1.3 petabytes of data, 10.2 trillion log messages, 2.8 billion intrusion detection events, and 8.2 million verified security incidents across Alert Logic’s customer base of more than 4,000 organizations of all sizes, from SMBs to large enterprises.
The teams also investigated emerging and evolving vulnerabilities and attack methods across the open internet. This research uncovered several patterns that specifically affect SMBs.
“The continued lack of skilled cybersecurity professionals affects organizations of all sizes, and small and midsize businesses are at greater disadvantage because they can’t scale like large organizations can,” said Onkar Birk, Senior Vice President of Product Strategy and Engineering, Alert Logic.
“These organizations will greatly benefit from partnering with providers who can augment their limited teams with threat intelligence and experts to be more secure and compliant.”
The report details nine top takeaways based on Alert Logic’s analysis over a six-month period. Some of the key findings are as follows:
- 66% of SMB devices run Microsoft OS versions that are expired or will expire by January 2020. Shockingly, the majority of devices scanned in the research were running Windows versions more than 10 years old.
- 42% of SMB security issues are related to encryption. While automated patching has helped to reduce the frequency of vulnerabilities, configurations remain a major issue. The report found that just 13 encryption-related configuration issues accounted for 42% of all security issues found.
- 75% of unpatched vulnerabilities in the SMB space are more than one year old. Even though automated updates have improved software patching, organizations are still having difficulty keeping pace. Open source software further complicates the patch cycle, especially when it is embedded.
- More than 30% of SMB email servers operate on unsupported software. Modern businesses are fueled by email, and SMBs are no exception. Despite email being the lifeblood of most organizations, almost a third of the top email servers detected were running Exchange 2000, which has been unsupported for nearly 10 years.