Internet security is improving, but exposures still run rampant
Rapid7’s research found that the security of the internet overall is improving. The number of insecure services, such as SMB, Telnet, rsync, and the core email protocols, decreased from the levels seen in 2019.
Vulnerabilities and exposures still plague the modern internet, even with the increasing adoption of more secure alternatives, like Secure Shell (SSH) and DNS-over-TLS (DoT), to insecure protocols.
“We were surprised to see that recent incidents appear to have had no obvious effect on the fundamental nature of the internet, however it is possible that we have yet to see the full impact,” said Tod Beardsley, Director of Research at Rapid7.
Most exposed countries and organizations
The United States, China, South Korea, the United Kingdom and Germany rank as the top five most exposed countries, while the top publicly traded companies in the United States, the United Kingdom, Australia, Germany, and Japan are still hosting a high number of unpatched services with known vulnerabilities.
Publicly traded financial services and telecommunications companies in the United States, the United Kingdom, Australia, Germany, and Japan were found to be particularly vulnerable. There are tens of thousands of high-rated Common Vulnerabilities and Exposures (CVEs) across the public-facing assets of these two sectors.
Telnet continues to be commonly used across cloud providers, despite being unsuitable for the internet due to its lack of security controls – with Microsoft, Alibaba and OVHcloud having the most exposure.
Slow patch and update adoption
Patch and update adoption continues to be slow, especially in remote console access, where, for example, 3.6 million SSH servers are running versions between five and 14 years old.
Furthermore, there has been an average 13 percent year-over-year decrease in exposed, highly vulnerable services such as SMB, Telnet, and rsync.
Also, unencrypted, cleartext protocols are still heavily used, with 42 percent more plaintext HTTP servers than HTTPS, 3 million databases awaiting insecure queries, and 2.9 million routers, switches, and servers accepting Telnet connections, which is a 7% decrease when compared to research Rapid7 conducted in 2019.