Feb 15, 2017
Shodan is an online search engine that catalogs cyber assets or internet-connected devices. Many cyber assets are exposed in Shodan for a number of reasons, including poor configuration. This level of exposure can become a serious security concern when hackers take advantage of them to steal data, launch ransomware or distributed denial-of-service (DDoS) attacks, or gain entry into networks.
Using Shodan data, Trend Micro researchers Numaan Huq, Stephen Hilt, and Natasha Hellberg assess which devices, servers, and critical sectors in the US are the most exposed. Affected parties can use this information when implementing the necessary security measures that will better protect their data and assets from future compromise.
Webcams are attractive targets for attackers not only because they can be used for surveillance but also because many webcams don’t come with an auto-update function. This means they are rarely patched and can be easily exploited. Houston, Texas is one of the biggest US cities with the most number of exposed webcams, while GeoVision GeoHTTPServer is the most exposed product.
EXPOSED SERVERS AND DATABASES
Web servers are Internet-facing by design and are riddled with vulnerabilities, which attackers can take advantage of. A compromised Web server can be used to redirect visitors to malicious websites, or host malicious content and illegal data. Apache HTTPD type is the most exposed product, while Los Angeles, California has the most number of exposed web servers.
EXPOSED CRITICAL SECTORS
Lafayette, Louisiana and Saint Paul, Minnesota have more exposed government cyber assets than the US capital, Washington DC. Firewalls make up almost half of the sector’s most exposed devices.It must be noted that while we say ‘unsecured’ and ‘exposed’, this do not necessarily mean that the listed cyber assets are compromised, rather they are simply poorly configured and are thus vulnerable. As such, there may still be time for the owners of these unsecured cyber assets to secure them and prevent further attacks.
For complete and detailed information on this research, as well as up-to-date and actionable steps organizations and even home users can take to better secure their networks and connected devices, you can check out our research papers below.