Organizations are introducing over 300 new services each month, contributing to nearly 32% of high or critical cloud exposures, according to a new report by Palo Alto Networks' Unit 42.
This rapid expansion of digital services is creating a complex cybersecurity landscape, the firm warned, making it increasingly difficult for businesses and government entities to maintain an accurate inventory of their IT assets, which are prime targets for attackers.
The Attack Surface Threat Report highlights that 73% of high-risk exposures stem from three main categories:
- IT and networking infrastructure
- Business operations applications
- Remote access services
These categories can be exploited for lateral movement and data exfiltration, posing significant organizational risks.
Notably, over 23% of these exposures involve critical IT and security infrastructure, leaving essential networking and security appliances vulnerable to opportunistic attacks.
Vulnerabilities in application-layer protocols like SNMP, NetBIOS and PPTP, as well as internet-accessible administrative login pages for routers, firewalls, VPNs and other core networking and security appliances, further exacerbate these risks.
The media and entertainment sector adds more than 7000 new services monthly. Other sectors, including telecommunications, insurance, and pharma and life sciences, also face substantial increases, with over 1000 new services added to their attack surfaces. Critical industries like financial services, healthcare and manufacturing each introduce over 200 new services.
Unit 42's analysis also revealed that IT and networking infrastructure vulnerabilities account for 25% of observed incidents, including weaknesses in protocols and configurations.
Additionally, remote access services such as RDP and SSH represent over 23% of total exposures, posing significant security risks due to improper configurations.
The report outlined a framework for assessing attack surface risk, combining the potential costs of a breach—financial loss, operational disruptions, reputational damage and regulatory penalties—with the likelihood of such breaches, influenced by vulnerabilities in internet-exposed assets.
To mitigate these risks, Unit 42 recommends continuous scanning of internet-exposed services, prioritizing high-risk vulnerabilities and utilizing automation for swift identification and remediation.