Randori Report Finds that One in 15 Organizations Still Run a Vulnerable or "Tempting" Version of SolarWinds

WALTHAM, Mass., Oct. 13, 2021 /PRNewswire/ -- Randori, the company who attacks to protect, today released its first-ever 2021 Attack Surface Management Report: the Internet's Most Tempting Targets. The report uses Randori's patent-pending Target Temptation model to identify which internet-exposed assets an attacker is likely to go after and exploit, assigning each asset a unique attacker Temptation Score. The report then determines the prevalence of those highly tempting assets on enterprise attack surfaces globally.

Leading up to the anniversary of the Solarwinds hack, and after a very tumultuous year in cybersecurity—especially with ransomware and supply chain attacks—Randori wanted to understand the ongoing prevalence of internet-facing assets that contribute to these attacks. This report consolidates Randori's insights about attack surfaces into actionable data and advice.

Top Trends include:

• One in 15 organizations currently runs a version of SolarWinds that is known to be actively exploited or highly tempting. These versions have an average Temptation Score of 40.
• 15% of organizations are running an outdated version of IIS 6, which hasn't been supported by Microsoft for six years. IIS 6 has an average Temptation Score of 37.
• 38% of organizations use Cisco's Adaptive Security Appliance (ASA) firewall, which has a history of public vulnerabilities. It has a Temptation Score of 37.
• 46% of organizations are running Citrix NetScaler, which has a history of public exploits, and if hacked would give an adversary high privileges. It has a Temptation Score of 33.
• 3% of organizations still run older versions of Microsoft Outlook Web Access (OWA) — versions 15.2.659 or older — despite the recent Exchange hacks and several known exploits. The average Temptation Score is 38.
• More than 25% of organizations have RDP exposed to the internet, which when exposed to the internet, increases the risk for attacks, including ransomware.

"I'd wager the remaining vulnerable SolarWinds instances are there because of ignorance, not negligence. Organizations struggle to know what they have exposed on the internet. Cloud migration and the work-from-home boom dramatically increased the number of exposed assets, and people can no longer rely on existing security strategies to understand their attack surface," said David Wolpoff, CTO and cofounder Randori. "Many assume prioritizing based on vulnerability severity will keep you safe.  But that's simply not true. Attackers think differently, and vulnerability severity is just one of many factors weighed by an attacker. Our hope with releasing this report is that people will get deeper into the attacker's mindset, apply attacker logic to their security programs, and get one step ahead."

Get tips on how to better secure an attack surface in our blog, or download the full Attack Surface Management Report for a comprehensive analysis on the most tempting assets, and to take a deep dive into the six attributes an attacker considers when determining what to exploit.

Randori is dedicated to helping organizations better understand what's on their perimeters to reduce their attack surface and stress test their security programs —all to build more resilient security programs. Get a free attack surface review or learn more about our continuous red teaming platform.

Randori's 2021 Attack Surface Management Report Methodology
The 2021 Randori Attack Surface Report looks at attack surface data across millions of internet-exposed assets, and applies its patent-pending Target Temptation Engine to determine relative likelihood an asset will be attacked, the Temptation Score. The Temptation Score applies a proprietary weighting of six different attributes to determine the Temptation Score of an asset. Millions within Randori's unique dataset were analyzed when doing this report during the month of August 2021.

About Randori
At Randori, we attack to protect. Recognized by Gartner & IDC as a leader in Offensive Security, the Randori Platform unifies Attack Surface Management (ASM) and Continuous Automated Red Teaming (CART) to provide enterprises the visibility, actionable insights and validation they need to proactively prevent breaches. Customers like VMWare, Greenhill Inc, FirstBank, NOV, Lionbridge and many more, trust the Randori platform, which was designed by the world's foremost offensive security practitioners at nation-state levels. Discover what's exposed on your attack surface today at randori.com and get the latest insights by following Randori on Twitter and Linkedin.

SOURCE Randori

Related Links

www.randori.com