According to a new report from Tetra Defense, the Root Point of Compromise (RPOC) for attacks against U.S. companies was external exposure. Patchable and preventable external vulnerabilities were found to be responsible for the bulk of all attacks.
- 82% of incidents responded to by Tetra Defense were caused by the external exposure of a known vulnerability on the victim’s network
- Incidents caused by unpatched systems cost organizations 54% more than those caused by employee error
- Log4J/Log4Shell is still being actively exploited, but the significant global attention to the vulnerability has prevented ongoing widespread exploitation
- Compromised credentials still account for a number of incidents, underscoring the need for more organizations to adopt multi-factor authentication (MFA) and implement dark web monitoring
“This cost discrepancy highlights the complexity of recovery from external vulnerability incidents and how failing to patch in a timely manner can be a contributor to a higher financial cost to an organization.”
Threat actors' use of widespread automated discovery tools and exploitation of known vulnerabilities nearly guarantees that vulnerable, exposed services will be found, and therefore likely exploited, faster than ever before. Because of that, from a security defender's perspective, it becomes a race against the clock: the question is not if the vulnerabilities will be exploited, but when the access and information gained through exploitation will be used.
“Therefore, here are a few tips for mitigating external risk:
“Additionally, because so many breaches begin with social engineering/password guessing/etc., it is critical to enforce effective MFA across all external access points and accounts. This will stop the majority of major external incidents before they start.”