"America first" isn’t always a good thing, particularly when it comes to cyber-risk. Still, the US was number one on the list of nations from which the most risk to the internet originated, according to the third annual National Exposure Index released today by Rapid7.
Analysis of the current state of internet exposure revealed which geopolitical regions are most at risk for deliberate, wide-scale attacks on core services. “A country with a higher percentage of exposed services in relation to its total allocated IP address space will tend to score higher on National Exposure,” according to the report. North America, China, South Korea and the UK top the list of nations most vulnerable to cyber-attacks.
Combined, those nations control over 61 million servers listening on at least one of the surveyed ports. The report also found that nearly half a million exposed Microsoft Server Message Block (SMB) servers in the US, Taiwan, Japan, Russia, and Germany are targeted today.
“There are 13 million exposed endpoints associated with direct database access, half of which are associated with MySQL. Along with millions of exposed PostgreSQL, Oracle DB, Microsoft SQL Server, Redis, DB2, and MongoDB endpoints, this exposure presents significant risk of crucial data loss in a coordinated attack,” the report said.
This year has already made record for having the largest distributed denial-of-service (DDoS) attack using unsecured memcached user datagram protocol (UDP) servers; however, approximately 40,000 unpatched, out-of-date memcached servers remain at risk of being drafted into the next record-breaking DDoS attack.
While the report noted that it is nearly impossible to identify the country with the lowest risk exposure, the Federated States of Micronesia ranked 187 out of 187 countries on the list.
Rapid7 aims to use these statistics to identify the nations that can reduce their exposure to nefarious actors – particularly nation-state actors – by making improvements to their local infrastructures. According to the report, "This indicates to us that national internet service providers in these countries can use these findings to understand the risks of internet exposure, and that they, along with policymakers and other technical leaders, are in an excellent position to make significant progress in securing the global internet."