Continuity issued a research report which provided an analysis of the vulnerabilities and misconfigurations of enterprise storage systems. The findings revealed that storage systems have a significantly weaker security posture than the other two layers of IT infrastructure: compute or network.
These findings are alarming given the fact that, unlike an attack on individual endpoints or servers, which can cause problems, an attack that targets storage systems can be truly devastating.
A compromise of a single storage array can bring down thousands of servers – and wipe out petabytes of data, a frightening prospect given the rise in ransomware attacks over the past three years that target corporate data.
Data from more than 400 enterprise storage devices from vendors including Brocade, Cisco, Dell EMC, IBM, Hitachi Data Systems, NetApp, and others, were analyzed.
The impact of storage systems vulnerabilities
- More than 6,300 discrete security issues, such as vulnerabilities and misconfigurations, were detected.
- More than 170 security principles were not adequately followed.
- On average, enterprise storage devices had 15 security vulnerabilities. Approximately three of those were considered a high or critical risk rating — meaning they could present a significant compromise if exploited.
- The five most common types of vulnerabilities included: use of vulnerable protocols/protocol settings, unaddressed common vulnerabilities and exposures (CVEs), access rights issues (over exposure), insecure user management and authentication, and insufficient logging.
“Of the three main IT infrastructure categories – compute, network, and storage — the latter often holds the greatest value, from both security and business perspectives,” said Gil Hecht, CEO of Continuity.
“Security vulnerabilities and misconfigurations of storage devices present a significant threat, especially as ransomware attacks have taken hold of businesses over the past few years. Yet based on our analysis, the security posture of most enterprise storage systems is strikingly weak. Organizations must act immediately to better protect their storage – as well as backup systems – to ensure their data is secure against ransomware and other cyberattacks.”
To help organizations gain the visibility they need to understand their storage vulnerability risk and avoid blind spots, they should evaluate existing security processes and ensure that the storage layer be secured and hardened to a similar – if not greater – extent as compute and network assets.