
Low-cost computing power opens floodgates to Asian hackers

by Wickie Fung
July 20, 2021
Photo by Olha Ruskykh from Pexels


The cost of computing has become so inexpensive that a would-be attacker need only spend HK$100 (US$13) to rent enough cloud computing power to do an imprecise scan of the entire Internet for vulnerable systems.

From the surge in successful attacks, it has become apparent that adversaries are regularly winning the race and finding at-risk IT assets before defenders can patch new vulnerabilities.

In Hong Kong, it is hard to ignore the increasingly common first-hand experiences with breaches disrupting our digital lives, as well as the continuous flow of news reports from overseas chronicling the surge in cyber extortion.

The vulnerability management system most enterprises follow is not designed to cope with the modern reality of what is dubbed an “attack surface”.

V.S. Subrahmanian, director of the Institute for Security, Technology, and Society at Dartmouth College in the U.S., recently warned in a Wall Street Journal op-ed that “Cybersecurity Needs a New Alert System” and outlined flaws in the communication process for patches from vendors to customers. This, however, is only half the story.

In the past five years, attackers have perfected techniques that scale at speed. To identify new targets, a scanner needs only an input, usually a list of IPs or a specific vulnerability.

For attackers not using online tools, many scanners are open source. With a simple trip to GitHub, attackers need merely download a scanner, deploy it onto infrastructure, and off they go.

Remote Desktop Protocol is the main weakness

A Cortex Xpanse survey, conducted from 1 January to 31 March this year, identified the most common vulnerability as being related to Remote Desktop Protocol (RDP), use of which has surged since the beginning of 2020 as enterprises speed up efforts to move to the cloud to support remote workers under COVID-19.

RDP’s top spot is particularly worrisome because it’s a key gateway for ransomware. The survey found constant scanning for port 3389, which is reserved for RDP. Such scanning is often followed by credential brute-forcing or the use of basic credential-cracking tools.

Worse, in the remote work environment, connecting from a personal device means it’s out of the security team’s control. This gap means most companies don’t have the right controls, and without visibility, attackers have the luxury of time to find and exploit RDP.

Organizations are moving to the cloud, and it is too easy for employees to spin up a cloud service outside of normal IT processes. Across cloud infrastructure providers like Amazon Web Services (AWS), Microsoft Azure, Google Cloud, Oracle, Rackspace, and more, the survey findings show that organizations experience nearly four times the total number of critical issues for cloud infrastructure than they do for on-premises environments. Several factors contribute to the cloud’s significant risk.

  1. The cloud is harder to manage because it’s easy to deploy. Employees can set up in any cloud provider, oblivious to corporate policies that state otherwise.
    The COVID-19 pandemic accelerated the growth of the cloud, which, most likely, won’t revert to old-school IT anytime soon – even in Hong Kong. 
    Cloud spending globally rose 37% to US$29 billion during the first quarter of 2020.  According to Gartner, cloud spending rose to 19% in 2020, even as IT spending fell 8%.
  2. The cloud is constantly changing. Prior Cortex Xpanse research shows that, on average, companies add 3.5 new publicly accessible cloud services per day—nearly 1,300 per year.
    Poorly provisioned cloud and on-premises might both be exposed on the internet, and enterprises are at risk in either case.
  3. CSP security may not suffice. Relying on only what the baked-in security cloud service providers (CSPs) include can be insufficient.
    CSP tooling can provide basic vulnerability scanning and cloud security posture management capabilities, but it’s just the basics. For enterprises, it doesn’t provide the visibility or full-stack security that you would need to be cloud-native.

The attack surface and some recommendations

With intrusions becoming more sophisticated, enterprises must think harder about the attack surface. Digital transformation has turned enterprises inside out, creating numerous and frequently insecure backdoors into their network in the form of abandoned, rogue, or misconfigured assets.

Advancements in scanning technology made these backdoors easier to find and fundamentally changed how we think about the Internet and gathering information on it -- especially for hackers, who, by definition, are innovators and early adopters.

To counter these attacks, organizations should focus on the basics.

  1. Gain better global Internet visibility: Implement a system of record to track every asset, system, and service owned that is on the public Internet, including across all major CSPs and dynamically leased (commercial and residential) ISP space using comprehensive indexing, spanning common and often misconfigured port/protocols (i.e., not limited to the old perspective of only tracking HTTP and HTTPS websites). 
  2. In-depth attribution: Detect systems and services belonging to your organization using a full protocol handshake to verify details about a specific service running at a given IP address.
    By fusing this information with several public and proprietary datasets, match the full and correct set of Internet-facing systems and services back to a specific organization.

With these in hand, countering surface attacks becomes more manageable.
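As an added illustration of the two recommendations above (not code from the article or from Cortex Xpanse), the sketch below reconciles a system of record against services observed on the public Internet, using the protocol identified by a completed handshake rather than the port number. The inventory, observations, policy set and function names are all constructed assumptions.

```python
from dataclasses import dataclass

# Constructed system of record: sanctioned Internet-facing services,
# keyed by (ip, port) with the protocol the owner registered.
SYSTEM_OF_RECORD = {
    ("203.0.113.20", 3389): {"owner": "it-ops", "protocol": "rdp"},
    ("203.0.113.30", 443): {"owner": "web-team", "protocol": "https"},
    ("198.51.100.5", 22): {"owner": "platform", "protocol": "ssh"},
}

# Assumed policy: protocols that should not face the public Internet.
RESTRICTED = {"rdp", "telnet", "smb"}

@dataclass(frozen=True)
class Observation:
    ip: str
    port: int
    protocol: str  # identified by a full protocol handshake, not guessed from the port
    source: str    # where the address space lives, e.g. "on-prem" or a CSP name

# Constructed observations from an external view of the organization.
OBSERVED = [
    Observation("203.0.113.20", 3389, "rdp", "on-prem"),
    Observation("203.0.113.30", 443, "ssh", "on-prem"),  # registered as https
    Observation("192.0.2.77", 8443, "rdp", "aws"),       # RDP on a non-standard port
]

def reconcile(observed, record, restricted=RESTRICTED):
    """Return sorted (ip, port, finding) tuples for every gap between
    the system of record and what is actually exposed."""
    findings, seen = [], set()
    for obs in observed:
        key = (obs.ip, obs.port)
        seen.add(key)
        entry = record.get(key)
        if entry is None:
            findings.append((*key, "untracked"))           # rogue or forgotten asset
        elif entry["protocol"] != obs.protocol:
            findings.append((*key, "protocol-mismatch"))   # record is wrong or service changed
        if obs.protocol in restricted:
            findings.append((*key, "restricted-exposed"))  # e.g. RDP reachable from the Internet
    for key in record.keys() - seen:
        findings.append((*key, "stale-record"))            # tracked but no longer observed
    return sorted(findings)

if __name__ == "__main__":
    for ip, port, finding in reconcile(OBSERVED, SYSTEM_OF_RECORD):
        print(f"{ip}:{port} {finding}")
```

The RDP service on port 8443 is flagged only because the observation carries the handshake-verified protocol; a port-based inventory limited to 3389 would miss it.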

Wickie Fung is managing director, Hong Kong and Macau at Palo Alto Networks and responsible for developing market strategy and helping customers plan and implement robust cybersecurity infrastructure. Fung works with customers in finance, healthcare, government and other verticals across the region.

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl
