Adding new services to a company’s infrastructure significantly increases the attack surface, and with it the likelihood of being successfully hit by a cyberattack. Despite this, enterprises in most industries are adding many new services each month, risking devastating breaches, experts warn.
A new report from Unit 42, the cybersecurity arm of Palo Alto Networks, finds that the average organization adds or updates more than 300 services every month.
Unit 42 found that organizations in the Media and Entertainment vertical added a significant number of services each month – 7,469. Telecommunications came in second with 2,892 (about a third of what the Media and Entertainment companies added), followed by Insurance with 2,271.
Wide range of goals
“These new and updated services account for nearly 32% of organizations’ new, large, or critical cloud exposures,” the researchers said in the report.
Rapidly adding new services, without central oversight, “inevitably” leads to misconfigurations and exposures, Unit 42 concluded, adding that this means a greater chance of a breach.
“It is challenging to properly strengthen your defense without full knowledge of your entire offense.”
For example, misconfigured databases are one of the most common causes of data breaches. Many organizations collect vast amounts of personally identifiable information (PII) about their customers, partners, and employees, often storing this information in an unprotected cloud-based database.
This allows criminals who know where to look to easily obtain this data and sell it on the dark web or use it for phishing and social engineering attacks.
Palo Alto says attackers can scan the entire IPv4 address space (which contains 4.3 billion IPv4 addresses) in a matter of minutes. According to Unit 42’s research, “once attackers are in, they can move faster to steal data, sometimes in less than a day.”