Skip to main content

Vast majority of firms suffer from high-risk vulnerabilities on network perimeter

cyber security
(Image credit: Image Credit: Sergey Nivens / Shutterstock)

High-risk vulnerabilities are present on the network perimeter of most companies, a new report from Positive Technologies finds.

Analyzing more than 3,500 hosts for the report, including network devices, scanners and workstations, the company concluded that 84 percent of companies, across various industries, have such vulnerabilities (opens in new tab)present on their perimeters.

The report states that most of these vulnerabilities could easily be mitigated simply by patching up software, algorithms and protocols.

According to Positive Technologies, most companies are struggling to keep up with software updates (opens in new tab). In some cases, they were even using software past the end of life date; the oldest vulnerability found in automated analysis was 16 years old.

Analysis revealed remote access and administration interfaces, such as Secure Shell (SSH), Remote Desktop Protocol (RDP), and Network Virtual Terminal Protocol (Internet) TELNET were frequently used to launch attacks. With access, criminals can easily launch brute-force attacks, moving through weak passwords “in a matter of minutes”.

“Network perimeters of most tested corporate information systems remain extremely vulnerable to external attacks,” said Ekaterina Kilyusheva, Head of Information Security Analytics Research at Positive Technologies.

“Even in 2020, there are still companies vulnerable to Heartbleed and WannaCry. Our research found systems at 26 percent of companies are still vulnerable to the WannaCry encryption malware.”

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.