23% of leading banks had an exposed database with potential data leakage
Reposify unveiled research findings of critical asset exposures and vulnerabilities in attack surfaces of the world’s leading multinational banks.
Researchers measured the prevalence of exposed sensitive assets including exposed databases, remote login services, development tools and additional assets for 25 multinational banks and their 350+ subsidiaries.
Banks deal with exposed database threat
- 23% of banks had at least one misconfigured database exposed to the internet resulting in potential data leakage issues
- 54% of the banks had at least one RDP exposed to the internet
- 31% of banks had at least one vulnerability to Remote Code Execution
- Multiple unsecured FTP servers with anonymous authentication were discovered
The myriad of exposures such as RDP, unsecured FTP and misconfigured development tools can be leveraged by attackers to gain unauthorized access to banks’ internal networks and result in data breach attacks. The exposed databases which were discovered place customer and other sensitive data at direct and imminent risk of exposure.
Banking industry DX challenges
In recent years, the banking industry has gone through a massive digital transformation. Alongside the many benefits, the increase in digitization and connectivity have created great security challenges and made the banking industry even more susceptible to cyber-attacks.
“The interconnectedness of IT systems and growth in third-party partners have expanded the external attack surface and potential weak points.” said Yaron Tal, CEO, Reposify.
“Banks’ IT ecosystems are in a constant state of flux and network perimeters are extending well beyond firewalls and control systems. Banks’ actual attack surfaces are simply much bigger than most realize.”
Visibility of internet facing assets inventory
Banks typically have well-established security programs which are heavily regulated by various institutions yet 84% of the exposed assets are likely to be under IT and security teams’ radars and out of the scope of traditional asset management and security tools.
Gaining visibility of the complete internet facing assets inventory is critical. External and continuous view allows teams to know at any given moment which of their known or unknown devices and services are exposed to the internet and to take steps to proactively manage and mitigate the risks.