50% of servers have weak security long after patches are released
Many organizations lag in patching high-severity vulnerabilities, according to a new study that reveals more than 50% of servers scanned have a weak security posture weeks and months after a security update is released.
To create the “2021 Trustwave SpiderLabs Telemetry Report,” researchers used Shodan, publicly available exploit information, and non-intrusive analysis of vulnerable targets accessible on the Internet. They found many servers weren’t patched in a timely manner, ran unsupported software, and used older protocols and remote access tools on servers accessible on the Web.
About 18,352 new security flaws were reported in 2020, a 6% jump from 2019 and a 184.66% increase from 2016, researchers note in the report. This year, about 13,000 vulnerabilities have been reported as of September 1 — slightly more than the 12,360 reported at this time in 2020. Of these, 20% were classified as high severity.
Karl Sigler, senior security research manager at Trustwave SpiderLabs, points to a few reasons why the number of disclosed vulnerabilities is trending upward. For starters, he says, more researchers are probing tools and services, testing their defenses to find the security gaps. But a proliferation of new technologies is also being adopted, all of which have flaws.
“There is a huge shift in how technology is being used,” he says. “There’s a lot more public-facing services, especially for work-from-home because of the pandemic and a lot of other factors … I think organizations are becoming more globally disparate, there is more work-from-home, and expansion of the employee base, which will expose a lot of services as well.”
Enterprise environments are growing, too. Organizations are getting larger, and the systems and services they use and offer to employees and customers are becoming more complex.
“It’s not just a front-end and a back-end database — there are all kinds of various systems involved and often other organizations: third-party services, managed services, things like that,” Sigler adds.
All of this complexity makes environments more difficult to secure, especially as the number of disclosed vulnerabilities continues to rise. Researchers put the spotlight on a handful of high-severity flaws that still affect thousands of servers, months after their patches were released.
To read the complete article, visit Dark Reading.