F-Secure Reveals the Top Two Ways Most Companies Get BreachedWith its unique web topology mapping feature, F-Secure Radar does what other vulnerability management tools won't: It helps admins discover their full attack surface, internal and external.
With its unique web topology mapping feature, F-Secure Radar does what other vulnerability management tools won’t: It helps admins discover their full attack surface, internal and external.
Helsinki, Finland – May 24, 2017: Companies are always looking for the new technology that will protect them from cyber attacks. Yet, F-Secure experts say that most companies get breached through one of two ways. And neither have anything to do with zero day vulnerabilities, which, they say, receive much more attention than they’re due.
“From our investigations, we know that most companies fall victim to attackers either because of unpatched software with known vulnerabilities, or because of the human factor, for example people falling victim to phishing emails,” says Janne Kauhanen, cyber security expert at F-Secure. Kauhanen says in essence, all other security measures are just secondary measures designed to catch attacks that happen because of these two reasons. “And still, companies are fixated on zero days and the newest methods of attack, which are often fairly restricted and obscure.”
A new security vulnerability is identified every 90 minutes,* and several thousands of vulnerabilities are disclosed every year. On average, it takes 103 days for a vulnerability to be remediated.* In contrast, according to Gartner, “the time it has taken from a patch coming out to when an exploit appears in the wild has dropped from 45 days to 15 days during the past decade.”** Gartner notes that, “on average, vulnerabilities that are exploited at day zero (aka with no knowledge of the vendor or no prior remediation being available) are about 0.4% of total vulnerabilities each year during the past decade.”**
The massive WannaCry crypto-ransomware outbreak is the most recent example of a known vulnerability being exploited to great effect. The outbreak, which has infected systems in dozens of countries and impacted a wide range of sectors including transportation and health services, is based on a Windows Server Message Block (SMB) vulnerability, MS17-010, that had been patched by Microsoft in March. The spread of the worm would have been reduced had more systems been kept up to date. Telemetry from F-Secure’s vulnerability management tool, Radar, indicates that 15% of hosts run Windows SMB. The WannaCry outbreak dramatically illustrates why admins should make sure SMB is properly patched and is not exposed to the public Internet.
You can’t fix what you don’t know about
“The best way to handle cyber threats is to actually foresee them by fixing vulnerabilities before they can even be exploited,” says Jimmy Ruokolainen, Vice President, Product Management at F-Secure. “This means hardening an organization’s entire attack surface. But with shadow IT, external misconfigurations, and potentially vulnerable partners, companies aren’t usually aware of their entire attack surface. That’s where F-Secure Radar goes further than other vulnerability management solutions, with our unique web topology mapping feature.”
Threat assessment tools work well for finding vulnerabilities and exposed systems, as long as they are directed where to look. They don’t work as well for finding all the systems they’re meant to be examining, however. Web topology is the arrangement of a network, including its nodes and connecting lines. With F-Secure Radar, information security managers can generate a threat assessment report of their organization’s internet and web topology and discover extraneous, vulnerable, or misconfigured systems, such as internet-exposed SMB. It even allows visibility into external brand infringements on the web.
F-Secure Radar is a turnkey vulnerability scanning and management platform. It allows admins to identify and manage both internal and external threats, report risks, and be compliant with current and future regulations (such as PCI and GDPR compliance). It enables streamlined productivity and security management, with an efficient service workflow, including vulnerability monitoring, automated scheduled scans, and ticketing for prioritized remediation and verification.
“The exploitation of known vulnerabilities is still the root cause of most breaches,” says Ruokolainen. “With F-Secure Radar, companies’ security teams can gain incomparable visibility and foresight into cyber security risks, so they can find exploitable vulnerabilities before anyone else does.”
*Source: Nopsec, 2016 Outlook: Vulnerability Risk Management and Remediation Trends
**Source: Gartner, It’s Time to Align Your Vulnerability Management Priorities With the Biggest Threats, Craig Lawson, 9 Sept 2016
Nobody knows cyber security like F-Secure. For three decades, F-Secure has driven innovations in cyber security, defending tens of thousands of companies and millions of people. With unsurpassed experience in endpoint protection as well as detection and response, F-Secure shields enterprises and consumers against everything from advanced cyber attacks and data breaches to widespread ransomware infections. F-Secure’s sophisticated technology combines the power of machine learning with the human expertise of its world-renowned security labs for a singular approach called Live Security. F-Secure’s security experts have participated in more European cyber crime scene investigations than any other company in the market, and its products are sold all over the world by over 200 broadband and mobile operators and thousands of resellers.
Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.
Latest Press Releases
Researchers find room keys at global hotel chains and hotels worldwide can be hacked to gain access to any room in the building.
F-Secure SAFE’s new ransomware protection capabilities arrive just as home users have the chance to eliminate the multi-billion dollar risk from their lives.
F-Secure’s new service combines expertise in aviation and cyber security to help aviation companies protect their most critical assets.
Channel partners have immense new service opportunities to protect their customers from rising numbers of targeted and fileless attacks with a leading-edge managed endpoint detection and response service.