2023 State of EASM Report: CybelAngel analysis of half-billion internet-facing apps & devices reveals top trends in critical exposures to cyberattacks across industries
2023 State of EASM Report reveals critical infrastructure sectors among top industries for shadow IT exposure, leaked & stolen credentials, and third-party cloud misconfiguration
PARIS, FR, April 17th, 2023 – CybelAngel, a global leader in External Attack Surface Management cybersecurity technology, today released the 2023 State of the External Attack Surface: Annual Threat Trends Analysis Report. This report examines internet-facing exposures detected by CybelAngel’s Xtended External Attack Surface Management (EASMX) platform in 2022. The report also highlights the critical paths hackers will take to get to their target, as well as trends in cybercrime, key areas of data risk, and a breakdown of exposures by industry.
The findings from the 2023 External Attack Surface Report reveal that exposures outside of an organization’s firewall are the greatest source of cybersecurity threats. Across all industries, these vulnerabilities, composed of unprotected or compromised assets, data, and credentials, have proven to be an increasing challenge for organizations to detect and secure.
Among exposures, CybelAngel found:
- 87% of all detected threats are from third-party or malicious actors.
- Almost 1 in 10 (9%) of all detected internet-facing assets had an associated unpatched vulnerability. The top 10 CVEs were found unpatched at least 12 million times each.
- More than 70 billion files, including intellectual property and financial information, are currently freely available, unprotected, on unsecured web servers.
The trends within these detections are even more concerning when viewed against industries, with a significant number of risk areas threatening critical infrastructure including Telecommunications and Construction, Oil and Gasas. Tthe top three exposed industries are:
- Retail, with a disproportionately high number of malicious domains and many vulnerabilities detected in their assets.
- Telecommunications, which ranked notably high in many of the risk areas we examined—open ports, unsecured databases, sensitive documents, leaked credentials, and dark web activity.
- Business Services: Business Services were overrepresented in dark web activity and the number of malicious domains.
“Enterprise cybersecurity leaders and decision-makers have been successful in securing their own security perimeter, but critical infrastructure and other modernizing industries have fallen short. This is a major concern in itself,” said Erwan Keraudy, CEO and co-founder of CybelAngel. “With the majority of detected risks originating from external assets and actors, the threats these industries face today are ultimately the same. This highlights an immediate need for a security mindset overhaul – passive and reactive security measures are no longer enough in today’s security landscape. Cybersecurity teams must take a proactive and comprehensive stance on looking for early indicators of risk, which requires full visibility into the EASM including known assets, shadow assets, partner, vendor, supplier assets and more.”
Additional trends and predictions based on the report findings include:
- Information Stealer malware will proliferate within the enterprise. In a scan of the CybelAngel platform, 50% of emails associated with customers came with unhashed passwords – meaning they are plaintext and unencrypted. Many of the exposed emails in different breaches either share the same password or a close variation of another exposed password. Looking at credential leaks and dark web marketplace activity, malware designed to steal this data will grow rapidly.
- Shadow IT, including Operational Technology (OT) and Internet of Things (IoT) will increase. Though companies invest heavily in protecting their known assets, it’s challenging to do the same for Shadow IT blind spots, especially with the increasing use of internet-connected assets that are rarely secure. The report found that 8% of all detected OT/IoT devices had vulnerabilities, which can serve as a bridge to breach an otherwise secure network.
- The number of unsecured and misconfigured clouds will rise with cloud adoption. The complex multi-cloud environment extends the EASM immensely: CybelAngel detected 1.4 million misconfigured cloud devices. Almost 50% of all open cloud devices detected are personal Google Cloud Drives. AWS – S3 devices, or buckets, are the leader in detected exposed and open enterprise services – and the leader in being accessible to hackers.
To learn more about external risks in today’s digital landscape, download a copy of CybelAngel’s 2023 State of the External Attack Surface report, and visit https://cybelangel.com.
CybelAngel is a global leader in cybersecurity technology focused on External Attack Surface Protection and Management. As an early pioneer in ‘outside-in’ search technology, approaching cybersecurity just as an attacker would carry out infiltration, CybelAngel has developed the industry’s most extensive defense for external attack vectors, where the majority of cyberattacks are initiated. Combining expanded discovery and analysis, CybelAngel finds unknown assets and exposures to preemptively diffuse attack vectors that cyber criminals use to breach systems and wreak havoc.
CybelAngel proudly protects some of the largest global enterprises representing various sectors including the pharmaceutical, manufacturing, retail, and financial services industries. CybelAngel’s Xtended External Attack Surface Management (EASMX) is the only solution comprehensive enough to protect an enterprise’s entire external attack surface, regardless of where assets reside.
Follow CybelAngel on social media: