The RiskIQ report reveals that the rapidly increasing use of remote work access and perimeter devices during the Covid-19 pandemic is expanding digital attack surfaces, which has introduced a range of security flaws in the process.
In 2020 alone, there have been 18 high-to-critical vulnerabilities, meaning that vendors have had to patch security flaws within their devices.
Tapping RiskIQ’s Internet Intelligence Graph, which absorbs Internet data to map the billions of relationships between IP-connected devices worldwide, the study reveals the following numbers of vulnerabilities found within 12 widely used remote work access and perimeter tools:
F5 Big-IP: 967,437
Citrix NetScaler Gateway: 86,773
Palo Alto Global Protect: 61,869
Microsoft Remote Desktop Gateway: 42,826
Oracle WebLogic: 14,563
Citrix ADC: 7,970
IBM WebSphere Application Server: 7,496
Oracle iPlanet Web Server 7.0: 2,848
Citrix ShareFile: 2,766
SAP NetWeaver: 2,629
Zoho Desktop Central: 1,988
Cisco ASA & Firepower: 1,982
“This data in this report gives us a unique glimpse of the new reality facing the enterprise in the post-Covid world, which is that network controls are coming up dangerously short,” said Lou Manousos, CEO of RiskIQ. “These IP-connected assets aren’t in the purview of most security controls, and dangerous flaws like those found in Cisco, Microsoft, Citrix, and IBM products will continue to be incredibly common.”
How to ensure your organisation is safe from the cyber threat
Both the US and Australian governments have advised companies using highly vulnerable remote work access and perimeter devices to address security flaws. In addition, the National Security Agency (NSA) and Australian Signals Directorate (ASD) have warned that state-sponsored actors leverage a broad swath of vulnerabilities to deploy web shell malware on vulnerable devices, gaining a foothold into target networks in the process.