Adding new services to the corporate infrastructure substantially increases the attack surface, and thus the chance of being successfully hit with a cyberattack. Despite this, enterprises across the majority of industries are adding many new services every month, risking devastating breaches, experts have warned.
A new report from Palo Alto Networks’ cybersecurity arm, Unit 42 has claimed the typical organization adds, or updates, more than 300 services every month.
Unit 42 found that organizations in the Media and Entertainment vertical were adding a significant number of services each month – 7,469. Telecommunications were placed second with 2,892 (roughly a third of what the Media and Entertainment firms are adding), followed by Insurance with 2,271,
Wide range of targets
”These new and updated services are responsible for nearly 32% of organizations’ new high or critical cloud exposures,” the researchers said in the report.
Quickly adding new services, without central oversight, “inevitably” leads to misconfigurations and exposures, Unit 42 concluded, adding that these mean a higher chance of a breach.
“It’s challenging to strengthen your defenses appropriately without complete knowledge of your entire attack.”
Misconfigured databases, for example, are one of the most common causes of data leaks. Many organizations are collecting huge amounts of personally identifiable information (PII) about their customers, partners, and employees, and are often storing this information in an unprotected cloud-based database.
As a result, crooks who know where to look can easily obtain this data, and either sell it on the dark web, or use it to engage in phishing and social engineering attacks.
In fact, Palo Alto says that attackers can scan the entire IPv4 address space (which counts 4.3 billion IPv4 addresses) in minutes, noting, “once attackers are in, they move faster to steal data, according to Unit 42 research, sometimes getting in and out in less than one day.”