Home
Information security firm Rapid7 established the National Exposure Index that shows the countries most vulnerable to hacking attacks by scanning the entire worldwide web for servers with their front doors wide open. It turned out that the most vulnerable country in the world is Belgium. Tajikistan ranks second, Samoa third, and Australia forth. Rapid7’s Project Sonar is a tool that allows to produce the map of the Internet by scanning every single public-facing IP address in a matter of hours and looking at which services they are offering to the wider Internet.
In fact, most of those services will be appropriate – for example, a web server with an open port 80, the “door” through which HTTP web pages are sent through. The problem is that 80% of the top services offered by servers on the Internet are unencrypted – for example, POP3 (an outdated email protocol) and FTP (an insecure method of transferring files).
The researchers were surprised by their own findings, as they expected to find that the most exposed countries were also the richest (by aggregate GDP), which were likely to have the most net-connected devices making them proportionally the most potential for damage. But the most vulnerable country appeared to be Belgium – while the country has fewer nodes than larger countries like China, a greater proportion of them are offering connections to services which are often insecure.
The mapping project was launched as part of an attempt to comprehensively determine quite how insecure the Internet is. Security experts remind of previous comprehensive scans – for example, the 2012 Internet Census – which all have been one-off measures to date. The Internet Census, for instance, traded comprehensiveness for repeatability, because its methodology involved legally questionable access to household routers in order to perform the scans. Unlike Rapid7’s approach, which involves pushing on doors to see if they’re open, the Internet Census actually went in the building to see what it could find.
The information security firm hopes to repeat the survey regularly and eventually discover whether or not the worldwide web is developing in a good direction. Rapid7 hopes that the worst of the insecure servers will go offline in the near future.
sourced from torrentfreak
In fact, most of those services will be appropriate – for example, a web server with an open port 80, the “door” through which HTTP web pages are sent through. The problem is that 80% of the top services offered by servers on the Internet are unencrypted – for example, POP3 (an outdated email protocol) and FTP (an insecure method of transferring files).
The researchers were surprised by their own findings, as they expected to find that the most exposed countries were also the richest (by aggregate GDP), which were likely to have the most net-connected devices making them proportionally the most potential for damage. But the most vulnerable country appeared to be Belgium – while the country has fewer nodes than larger countries like China, a greater proportion of them are offering connections to services which are often insecure.
The mapping project was launched as part of an attempt to comprehensively determine quite how insecure the Internet is. Security experts remind of previous comprehensive scans – for example, the 2012 Internet Census – which all have been one-off measures to date. The Internet Census, for instance, traded comprehensiveness for repeatability, because its methodology involved legally questionable access to household routers in order to perform the scans. Unlike Rapid7’s approach, which involves pushing on doors to see if they’re open, the Internet Census actually went in the building to see what it could find.
The information security firm hopes to repeat the survey regularly and eventually discover whether or not the worldwide web is developing in a good direction. Rapid7 hopes that the worst of the insecure servers will go offline in the near future.
sourced from torrentfreak