Attack surface of Australian organisations calculated

New research from Tenable has uncovered some significant cyber hygiene issues with some of Australia's largest (by market capital) organisations.

The company examined the external attack surface of 25 Australian organisations and found that, on average, each possesses nearly 12,000 internet-facing assets that are susceptible to potential exploitation. The study total equates to more than 290,000 assets and illustrates the immense scale of cybersecurity architecture required to protect sensitive data and critical systems.

"Australia reported 76,000 cyber attacks last year, equivalent to one every seven minutes," said Scott McKinnel, Country Manager ANZ for Tenable.

"These recent high-profile cyber attacks serve as a stark reminder that bad actors only need to succeed once, while defenders must ensure cybersecurity is effective every single time. Australia's digital security is paramount and it all begins with a comprehensive understanding of the attack surface and every potential entry point."

Weak SSL/TLS encryption

Out of the total number of assets for all companies tracked, organisations had over 9500 web-based assets that still support TLS 1.0 [a security protocol first defined in 1999 for establishing encrypted channels over computer networks] that was disabled by Microsoft in September [2022]. This is just one example demonstrating how challenging it’s become for organisations with large internet footprints to identify and update outdated technology.

Outdated version of Log4J still present

The examination revealed that out of the total assets for all companies tracked, more than 8000 assets are susceptible to the Log4J vulnerability. This finding highlights a significant concern, as known vulnerabilities like Log4J are the primary cause of a majority of cyber attacks. By relying on outdated versions of Log4J, organisations are leaving themselves exposed to potential cybersecurity breaches.

Misconfiguration increases external exposure

Over 12,000 assets out of the total, initially intended for internal use, have been inadvertently exposed and are now accessible externally. Not hardening these internal assets presents a substantial risk to organisations, as it effectively opens the door for malicious actors to target sensitive information and critical systems.

API vulnerabilities amplify risk

The identification of more than 4000 APIs out of the total number of assets among organisations' digital infrastructure poses a substantial risk to their security and operational integrity. APIs serve as crucial connectors between software applications, facilitating seamless data exchange. However, inadequate authentication, insufficient input validation, weak access controls and vulnerabilities in dependencies within API implementations create a vulnerable attack surface. Such weaknesses can be exploited by malicious actors to gain unauthorised access, compromise data integrity and launch devastating cyber attacks.

"An alarming reality is that only a handful of organisations possess a comprehensive understanding of their complete digital footprint. One of the most prevalent and perilous security oversights is the inadvertent misconfiguration of cloud resources, making them vulnerable to the internet," said Nathan Wenzler, Chief Cybersecurity Strategist at Tenable.

"It is crucial for every business or government entity to possess advanced capabilities that can identify previously invisible points of vulnerability. By proactively preventing attacks rather than merely managing them, organisations can effectively safeguard their digital infrastructure."

Image credit: iStock.com/iambuff