Home > United Nations Online Network in Public Administration and Finance (UNPAN)
1. Global
Global
2. Africa
Africa
3. Arab States
Arab States
4. Asia & Pacific
Asia & Pacific
5. Europe
Europe
6. Latin America & Caribbean
Latin America & Caribbean
7. North America
North America
UNPAN Asia & Pacific




Public Administration News  
Share
Australia Fourth Most Vulnerable Nation to Hacking: Study
Source: www.itwire.com
Source Date: Thursday, June 09, 2016
Focus: Knowledge Management in Government
Country: Australia
Created: Jun 14, 2016

Australia ranks fourth among the countries most vulnerable to hacking attacks, according to a study by penetration testing and information security form Rapid7.

Belgium tops the list, followed by Tajikistan and Samoa.

The company compiled what it calls a "heat map" of the Internet, looking for servers that had exposed ports that could be compromised.

Rapid7 used its Project Sonar tool to carry out a scan of every public-facing IP address and examine the services being offered to the wider Internet.

Many ports on a server offer services that they should be offering; the most common example is port 80 on which http services, or normal web pages, are offered. It is better if the encrypted version, https, is offered.

But there are a number of services which are unencrypted and open to compromise. For example, on port 110 one can find POP3 servers being offered. And port 21 is used for FTP, an insecure method of transferring files over the Internet.

"Today's Internet touches virtually everyone’s lives and is a critical component of economic security," the study noted. "Counter-intuitively, the adoption of fully encrypted protocols for core Internet services has not scaled with our personal, national, and global dependence on the Internet."

While the countries with greater GDP, like China and the US, had a much greater number of Internet users and hence many more net-connected devices, they were not the most exposed. In the case of Belgium, though it had many less Internet servers, a greater percentage were offering services that were insecure.

While Australia was the fourth most vulnerable overall, it also had the same rank among countries that had ports for database protocols exposed.

"We counted 7.8 million MySQL databases and 3.4 million Microsoft SQL Server systems. Six countries, the United States, China, Hong Kong, Belgium, Australia and Poland expose 75% of discovered Microsoft SQL nodes. Those same countries expose 67% of MySQL nodes," the study noted.

Among the findings of the study were:

# Millions of systems offer services that should not be exposed to the public network. The survey found 15 million nodes appearing to offer telnet, 11.2 million appearing to offer direct access to relational databases, and 4.5 million apparent printer services. (The scans counted 7.8 million MySQL databases and 3.4 million Microsoft SQL Server systems. The study did not include ports for other popular database systems, notably, PostgreSQL and OracleDB.)

# A total of 4.7 million systems expose one of the most commonly attacked ports used by Microsoft systems, 445/TCP.

# SSH (secure shell) adoption over telnet (clear-text shell) is gaining ground, with over 50% of regions offering more ssh servers than telnet servers.

# Non-web-based access to email (via clear text POP or IMAP protocols) is still the norm versus the exception in virtually every country.

# There is a correlation between the GDP of a nation, overall Internet “presence” in terms of services offered, and the exposure of insecure, clear-text services.

# The most exposed nations include countries with the largest GDPs, such as the United States, China, France, and Russia.

News Home

 Tag This
 Tell A Friend
 Favorite
del.icio.us digg this Slashdot
Rate:
0 ratings
Views: 1166

Comments: 0 Favorited: 0 Bookmarked: 0 Tagged: 0



0 Comments | Login to add comment

Site map | FAQs | Terms and Privacy | Contact Us
Copyright 2008-2010 by UNPAN - United Nations Public Administration Network