COVID-19 , Endpoint Security , Governance & Risk Management
Exposure Alert: Unsecured Internet Protocol Use PersistsWhile Rapid7's Tod Beardsley Sees a Decline, 'It's Still Not Good Enough'
How has the COVID-19 pandemic - and the subsequent lockdown and job losses - affected the character and composition of the internet?
See Also: Live Webinar | Education Cybersecurity Best Practices: Devices, Ransomware, Budgets and Resources
Tod Beardsley, director of research at Rapid7, says that was one of the top questions posed when his firm took its latest look at the prevalence of outdated and unsecured internet protocols and internet-connected devices, as described in its National Industry Cloud Exposure Report for 2020.
The good news: "Generally speaking, the internet, as far as exposure goes, has gotten better," he says. In particular, researchers saw an overall decrease in the use of telnet and SMB, an increase in the use of SSH instead of telnet, as well as an increase in using DNS instead of TLS. In addition, the long-expected "tsunami of awfulness" that researchers have been anticipating with internet of things devices has yet to emerge, he says.
The less-good news, however, is that "things on the internet have gotten marginally better, but it's still not good enough," he says.
In this video interview with Information Security Media Group, Beardsley also discusses:
- The effect that the pandemic has had on the use of unsecured protocols and services;
- The continuing problem of outdated, unpatched systems;
- The widespread, continuing exposure of console applications - including remote desktop protocol - to the internet with insufficient security controls;
- The importance of using two-factor authentication, IP allow lists, encrypted versions of plaintext protocols and "baking in patching."
Beardsley is the director of security at Rapid7. He has over 20 years of security experience, having has held IT ops and IT security positions at organizations that include 3Com, Dell and Westinghouse. He's been a featured speaker at security and developer conferences on open source security software development, managing the human "Layer 8" component of security and software and reasonable vulnerability disclosure handling.