Adrian Johnson
TLDR:
Unit 42 warns enterprises about the increased vulnerabilities in network and IT infrastructure due to the rapid growth of new services, often added without central IT security oversight. The Attack Surface Threat Report reveals that new and updated services account for nearly 32% of high or critical cloud exposures, with IT and networking infrastructure being the main source of high-risk exposures.
Summary:
Palo Alto Networks’ Unit 42 security research group has highlighted the challenges faced by organizations in protecting enterprise cloud-based resources. Here are the key elements of the article:
- The average organization adds or updates around 300 services monthly, posing a challenge to security teams.
- Industries like telecommunications, insurance, pharma, and life sciences add over 1,000 new services each month, while financial services, healthcare, and manufacturing industries add over 200 monthly.
- The rapid growth of new services often occurs without central IT security oversight, leading to misconfigurations and exposures.
- Unit 42’s Attack Surface Threat Report measured threats across 265 organizations worldwide, revealing that new and updated services account for a significant portion of high-risk cloud exposures.
- Common exposure points include remote access services, unpatched/misconfigured systems, weak cryptography, and vulnerabilities in IoT devices.
- Recommendations for organizations include continuous scanning of ports, services, and devices, addressing critical vulnerabilities promptly, distinguishing between expected and unknown assets, and utilizing automation capabilities for remediation processes.
Overall, the report emphasizes the importance of identifying and mitigating vulnerabilities in an organization’s attack surface to reduce the risk of cyberattacks and data breaches.
