Today could be the day – Why daily vulnerability scanning matters more than ever
If your office window was broken, would you fix it as soon as you noticed the problem? Or would you leave it, and your business, exposed? This may sound like common sense, but if you aren’t applying the same rules to your cybersecurity perimeter as your physical one, then it’s only a matter of time before your business is compromised.
Every day, new vulnerabilities are discovered and exploited by hackers, often in the space of just a few hours. In 2018, more than 16,000 new vulnerabilities were discovered, and 80% of the most commonly exploited vulnerabilities of 2019 were found in Microsoft products, four of which could be found in Internet Explorer.
More damningly, six of these potential problems have been in the list of the top 10 most commonly exploited vulnerabilities for three years – including a critical remote code execution vulnerability found in Internet Explorer.
Daily vulnerability scanning can assess your perimeter and inform you of any remediation that needs to be made, giving you a chance to act before the hackers can.
Daily vulnerability scanning? What the heck is that?
Daily vulnerability scanning is a fairly literal name, but, essentially, it is the act of routinely scanning your organisation’s outward-facing perimeter. The scan aims to identify anything that could be potentially exploited by hackers or other malicious actors.
The benefit of these scans is that they pinpoint, and alert you to, any vulnerabilities that could bring your business down. With new vulnerabilities being discovered as frequently as they are, daily scanning provides you with the insight you need to stay safe.
Oh, you already have an annual penetration test? Well…
It’s not a pen test!
Penetration tests are a fantastic use of your time and resources, and every business should be doing *at least* one a year. However, daily vulnerability scans don’t necessarily work in the same way as pen tests.
If your organisation has a penetration test tomorrow and everything is perfect, that’s great. However, what are you going to do if a new vulnerability is discovered the next day? Or the day after that? Without regular vulnerability scans, your organisation could be exposed for as long as another 364 days. Is that a chance you want to take?
Organisations that receive regular pen tests have, on average, 10 security vulnerabilities, and those that have never had a pen test have an average of 32. Shockingly, many of these vulnerabilities are left exposed for 431 days on average and only 22% are ever resolved.
So, how do you get a daily vulnerability scan?
Introducing Cyberfort Oversight
Cyberfort Oversight is our new 24/7 monitoring service that guarantees complete coverage of your network perimeter. The service proactively detects any changes and vulnerabilities in your external-facing infrastructure as and when they occur.
Our scanning databases are updated with zero-day vulnerabilities as soon as they appear, ensuring scans pick up the newest and highest-risk vulnerabilities without overloading your inbox with low-priority fixes and false positives. Those are removed by CREST consultants at Arcturus (part of the Cyberfort Group), and high and critical alerts are emailed to your decision makers, alongside instructions for any remediation.
Oversight utilises automated tools to provide a 24/7/365 solution. Unlike a penetration test, it focuses solely on identifying high-risk, high-impact vulnerabilities, leaving you with a greater sense of confidence in the security of your IT perimeter.
Here’s an example of how Oversight can mitigate disaster for you.
Oversight in practice
In the days before New Year’s Eve 2019, Travelex, the world’s largest foreign exchange company, became the victim of a ransomware attack that kept operations offline for most of January, costing the firm millions.
At the time, Travelex communicated that they were experiencing difficulties due to what the company called a ‘software virus’. However, the hackers had exploited a relatively new vulnerability, found inside their Pulse Secure VPN, to infiltrate the Travelex network and deploy ransomware against the company.
This vulnerability is the very same one that Oversight had reported to our clients months earlier. As a result of Oversight’s automated, rapid response times, we were able to share our recommendation to immediately take their affected hosts offline and apply patches.
In our instructions, we made the severity of the threat crystal clear. This vulnerability could allow hackers to bypass any security measures, leaving their organisation’s network completely wide open.
The underlying threat was never the ransomware, but the vulnerability that allowed hackers to infiltrate the network.
Thanks to Oversight, our clients were able to immediately act on this alert, taking their hosts offline and applying the relevant patches. Travelex, on the other hand, did not, and this may now mean they are subject to a fine of 4% of annual turnover from the ICO.
And the victims? CISA recently cautioned that hackers may still have access to the affected networks and the ability to spread across them, if compromised login credentials have not yet been changed. In fact, CISA also reported a surge in this kind of malicious activity, further confirming that unpatched vulnerabilities can have far-reaching and devastating consequences.
To learn more about how Cyberfort Oversight can help keep your business protected, get in touch with us today.