50% of global cybersecurity firms host exposed databases

March 7, 2022

More than half of leading cybersecurity firms host at-risk databases, according to Reposify’s new Cybersecurity Industry: State of the External Attack Surface report. The assessment uncovered more than 200,000 exposed assets among 35 multinational cybersecurity companies and their 350+ subsidiaries in only two weeks.

Findings note that 97% of security companies have exposed assets on their Amazon Web Services (AWS); 89% of assets identified on remote access sites were exposed to the internet, and 42% of the assets discovered could be classified as “high” or “critical” risk.

Fast-paced growth in modern business has created major blind spots for security teams. Distributed assets are multiplying due to global digital transformation, increased reliance on cloud-service providers and third-party vendors, and the transition to hybrid work environments. This has put a strain on external attack surface management. According to a report by the Enterprise Strategy Group, 69% of companies admit they have experienced at least one cyberattack that started by exploiting an unknown or unmanaged internet-facing asset.

Yaron Tal, founder and CTO at Reposify, suggests companies must lead by example, and harden their external attack surface security to make it more difficult for attackers to gain a foothold in their systems, beginning with a clear view of their external attack surface and continuous monitoring and elimination of risky attack vectors.

Additional findings include:

The impact of the fast-paced transition to a fully remote, digital environment. Of the assets discovered on remote access sites, 89% were classified as part of the unofficial perimeter. Similarly, 87% of databases were unaccounted for, with 67% on development tools and 62% of all network assets.
Databases are among the most vulnerable to a cybersecurity threat. More than half (51%) of companies host an exposed database, and out of the companies identified as having an exposed database, 72% have exposed PostgreSQL databases, and 50% with exposed Oracledb databases.
Forty-two percent of the exposed assets discovered were of high or critical severity. Thirty percent of issues found were categorized as high severity, and 11% at critical severity.

The full report is available here.

Ransomware and the propulsion of the extortion economy has rapidly eclipsed into a national priority. Recently, we observed the catastrophic impact of a widescale ransomware attack impacting gas pipelines and raising national gas prices overnight.