Alert Logic has published a report on cyber risks in the field of small and medium-sized businesses. According to analysts, the key problem of small organizations is weak encryption and the use of outdated versions of software – users do not update the software.The study is based on the study of 8.2 million information security incidents that occurred in more than 4 thousand Alert Logic customers.
At the same time, the risks associated with the security of computer infrastructure can be significantly reduced by protecting only three ports, which account for two-thirds of all cyberattacks.
According to experts, 42% of the incidents identified were due to incorrect settings related to encryption. According to researchers, the use of cloud services such as AWS requires special attention to protecting traffic, but 33% of verified accounts use unreliable cryptographic methods or do not encode information at all. In addition, 14% of small organizations have problems setting up S3 baskets.
“Analysis of server and workstation configuration errors showed that two-thirds of them are associated with the use of weak encryption algorithms. MD5 is no longer considered a sufficiently secure cryptography method, and SHA-0 and SHA-1 are easily cracked using modern computing power”, – experts noted.
For reliable data protection, experts recommend the use of SHA-256 and AES.
According to the report, 66% of checked Windows systems use outdated OS versions or those that will be removed from support in January 2020. The situation with Linux-based servers is no less alarming: about 50% of them work on assemblies with the old kernel, for which security updates are not issued. In addition, manufacturers no longer support more than 30% of the mail servers of small organizations.
“SMB companies using current versions of system software often neglect to install important patches. Of the 20 vulnerabilities most often encountered on servers and workstations in small businesses, 75% were fixed by the manufacturer a year or more ago”, – noted the researchers.
As information security experts found out, 65% of attacks on computer systems of small organizations are conducted through TCP ports 22 (SSH), 443 (HTTPS) and 80 (HTTP). By protecting them with a firewall and regularly checking the incoming request log, you can avoid most of the attacks that threaten small and medium-sized enterprises.
User Review( votes)