Security Market Segment LS
Sunday, 08 July 2018 20:57

Australia 11th in country rankings for Internet security threat exposure Featured


Australia ranks 11th in the world as the country with the highest Internet security threat exposure, narrowly avoiding the top 10 most exposed countries which are led by the US, China, Canada, South Korea and the UK.

According to the latest threat 2018 National Exposure Index from analytics solutions provider Rapid7, the US scored the highest in nearly every exposure metric measured and along with China, Canada, South Korea, and the United Kingdom. Together they control more than  61 million servers listening on at least one of the surveyed ports.

Rapid7 says Australia’s relatively high exposure to security risks online is cause for concern because of its high dependence on the Internet.

It cautions that Australia is a high-profile target with many businesses leaving themselves exposed due to basic errors in the management of their IT environments and day-to-day operations.

The National Exposure Index Report highlights that 22% of all Internet-reachable Australian servers accept connections on 445/TCP, the port associated with Server Message Block, a core Windows networking protocol.

Rapid7 warns that it is extremely dangerous to connect SMB to the Internet as it exposes Microsoft vulnerabilities to EternalBlue-powered attacks such as WannaCry.

There are 13 million exposed endpoints associated with direct database access, half of which are associated with MySQL, says Rapid7.

“Along with millions of exposed PostgreSQL, Oracle DB, Microsoft SQL Server, Redis, DB2, and MongoDB endpoints, this exposure presents significant risk of crucial data loss in a co-ordinated attack,” Rapid7 warns.

“While the number of exposed Microsoft SMB Servers dropped considerably after the WannaCry attack of 2017, there remain about a half a million targets today, primarily in the US, Taiwan, Japan, Russia, and Germany.”

According to Rapid7, amplification-based distributed denial of service (DDoS-A) remains a powerful technique for harming enterprises and providing cover for more sophisticated attacks.

It says that while the number of exposed UDP-based memcached servers is less than 4000, there are about 40,000 unpatched, out-of-date memcached servers, which are at risk of being drafted into the next “record-breaking DDoS attack”.

“These key findings tell us that the most risk to the Internet originates in countries that have significant investment in, and reliance on, a safe and stable Internet.

“This indicates to us that national Internet service providers in these countries can use these findings to understand the risks of internet exposure, and that they, along with policymakers and other technical leaders, are in an excellent position to make significant progress in securing the global Internet.

“It’s important to note that it’s not just mature, traditionally ‘rich’ or ‘large’ countries that rely on a healthy and functioning Internet. As of the start of 2018, more than half of all humans now maintain an active internet presence, after significant growth in both client-side and server-side infrastructure in Asia and Africa.

“We are in a crucial period of human history, and we need to actively measure the patterns of Internet usage that impact the security and stability of this incredible, planet-wide resource. By comparing regions both globally and with their immediate neighbors, we believe it’s possible to deliberately apply some ‘network husbandry’ to the Internet to ensure it remains supportive of technical innovation, cultural value, and economic prosperity.”

According to Rapid7, 2018 has already seen the largest distributed denial of service attack on record, using unsecured ‘memcached’ UDP servers.

“Due to this event, we’re paying much closer attention to memcached and other connectionless UDP services that can be abused in amplification attacks, and we have added this metric to the national exposure ranking system.”

Rapid7 warns that it also continues to worry about the exposure level of popular database servers, such as MySQL, PostgreSQL, Microsoft SQL Server, Oracle DB, and IBM DB2 – as well as the “NoSQL” databases like MongoDB and Redis.

“It’s our hope that by highlighting the prevalence of these services, and the specific geographic regions in which they reside, we can get ahead of a coming DB disaster.”


Did you know: 1 in 10 mobile services in Australia use an MVNO, as more consumers are turning away from the big 3 providers?

The Australian mobile landscape is changing, and you can take advantage of it.

Any business can grow its brand (and revenue) by adding mobile services to their product range.

From telcos to supermarkets, see who’s found success and learn how they did it in the free report ‘Rise of the MVNOs’.

This free report shows you how to become a successful MVNO:

· Track recent MVNO market trends
· See who’s found success with mobile
· Find out the secret to how they did it
· Learn how to launch your own MVNO service


Peter Dinham

Peter Dinham is a co-founder of iTWire and a 35-year veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).



Recent Comments