Zscaler Analysis Shows Corporate Attack Surfaces Grew During Pandemic

Public clouds posed a particular risk of exposure.

Edward Gately, Senior News Editor

June 15, 2021

ZSCALER ZENITH LIVE — Corporate attack surfaces rapidly expanded during the COVID-19 pandemic as companies dispersed their workforces. That’s according to a new Zscaler analysis.

Zscaler released its report during its Zenith Live virtual conference on Tuesday. The report analyzed the attack surface of 1,500 companies. It uncovered more than 202,000 common vulnerabilities and exposures (CVEs). Some 49% of those were classified as critical or high severity.

Coupled with an increasing reliance on public cloud services and vulnerable enterprise VPNs, large organizations not using zero-trust security became more vulnerable to network intrusion attacks.

Todd Meister is Zscaler's senior vice president of global partners and alliances.

“The COVID-19 pandemic has provided us with an unprecedented amount of data to track the impact of remote work on businesses that moved their workforce online,” he said. “Public cloud usage has skyrocketed. But security features have not been able to keep up. Our analysis of over 1,500 companies showed hundreds of thousands of vulnerabilities and exposed servers all over the world — meaning many companies were unaware of glaring security gaps.”

This Zscaler analysis should be a “wake-up call” for more organizations to review their security policies and consider a zero-trust approach to keeping their distributed employees and infrastructure safe, Meister said.

Exposed Servers

The report found nearly 400,000 servers exposed and discoverable over the internet for these 1,500 companies. Furthermore, 47% of those servers supported outdated and vulnerable protocols.

Public clouds posed a particular risk of exposure, with more than 60,500 exposed instances across Amazon Web Services (AWS), Microsoft Azure Cloud and Google Cloud Platform (GCP).

“Anything that can be accessed can be exploited by unauthorized or malicious users, creating new risks for businesses that don’t have complete awareness and control of their network exposure,” Meister said.

EMEA led the world in overall exposure and potential risk, with 164 CVE vulnerabilities, according to the Zscaler analysis. EMEA-based businesses had the most exposed servers. They were also more likely to support outdated SSL/TLS protocols and had greater risk of CVE vulnerabilities on average.

The Americas followed EMEA with 132 CVEs — 20% lower than EMEA. APAC followed the Americas with an average of 80 possible CVE vulnerabilities. That’s 51% lower than EMEA.

Telecommunications Most Vulnerable

The report analyzed a diverse group of companies spanning 23 different industries. It found telecommunications organizations were the most vulnerable and had the highest average number of outdated protocols in their servers. Telecom companies also had the third-highest average number of servers exposed to the internet. That increased the risk of being targeted by cybercriminals for DDoS and double extortion ransomware attacks.

The report also put a particular focus on the hospitality industry. Restaurants, bars, and food service vendors had the highest average of exposed servers and public cloud instances.

“The hospitality industry rushed new online payment/services out last year without adequate investment in zero trust security — putting customers at risk,” Meister said.

Modern Security Needed

Digital transformation is accelerating at an unprecedented pace with analysts predicting over 65% growth in the next two years. Organizations should modernize their security to defend against today’s changing threat landscape and new remote working models, said Meister.

“When the COVID-19 pandemic began, Zscaler was able to help its customers adapt to an increase in dispersed workers by deploying new zero-trust security features that allow employees to securely work from anywhere while still maintaining access to internal and external applications,” he said. “In the past 12 months, we’ve seen a significant increase in incidents that involve cybersecurity breaches and double extortion ransomware attacks. As a result, we’ve started working closer with our customers and partners to ensure they are able to embrace new types of services and technologies without exposing themselves to risk from cybercriminals.”

Advancements to Zscaler’s Zero Trust Exchange reduce attack surfaces and improve overall security, Meister said. It does so by enabling businesses to adopt a zero-trust model.

“A zero-trust model ensures security between end-users and applications, regardless of where the application resides,” he said. “This keeps potential threats off the network and prevents bad actors from accessing important data on the network.”

About the Author(s)

Edward Gately

Senior News Editor, Channel Futures

As news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.
