The internet is becoming more secure -- but only slowly
New research from security analytics and automation company Rapid7 reveals that the security of the internet overall is improving and that the numbers of insecure services such as SMB, Telnet, rsync, and the core email protocols have all decreased from the levels seen in 2019.
However, the National/Industry/Cloud Exposure Report (NICER) shows vulnerabilities and exposures still plague the modern internet, even with the increasing adoption of more secure alternatives, like Secure Shell (SSH) and DNS-over-TLS (DoT), to insecure protocols.
"2020 has brought unprecedented changes and challenges to organizations of all sizes and across all industries. With NICER, we had a unique opportunity to explore the state of security worldwide during this time, with the goal of understanding how the pandemic, lockdown, job loss, and shift to remote work has affected the character and composition of the internet," says Tod Beardsley, director of research at Rapid7. "We were surprised to see that recent incidents appear to have had no obvious effect on the fundamental nature of the internet, however it is possible that we have yet to see the full impact."
Among NICER's key findings are that the US, China, South Korea, the UK and Germany rank as the top five most exposed countries. The top publicly traded companies in the US, UK, Australia, Germany, and Japan are still hosting a high number of unpatched services with known vulnerabilities too. These findings are consistent with research Rapid7 conducted in 2019.
Telnet continues to be commonly used across cloud providers, despite its lack of security controls -- with Microsoft, Alibaba and OVHcloud having the most exposure. There has been an average 13 percent year-over-year decrease in exposed, highly vulnerable services such as SMB, Telnet, and rsync.
Patch and update adoption continues to be slow as well, especially in remote console access, where, for example, 3.6 million SSH servers are running versions that are between five and 14 years old.
"The internet landscape is continually changing. Through NICER, we are able to provide more actionable data to help diagnose what is vulnerable, what is improving or getting worse, and what solutions are available for policymakers, business leaders, and innovators to make the internet more secure," says Bob Rudis, chief data scientist at Rapid7. "Policymakers, business leaders, and innovators have an opportunity to shape the security of the internet of the future, but only if they are aware of the state of today’s internet."
You can get the full NICER 2020 report from the Rapid7 site.