Why does it seem that we are always defending? Seemingly the same thing every day – every month, as the patches come out IT departments must patch consistently and without fail.
Because if not what happens? Such as from Fortinet’s¹ analysis 10% of all NFS servers in the world are vulnerable to a specific attack.
The Global heat-map shows the country most in danger is the USA, with China in 2nd place. Notice the largest economies have the highest vulnerabilities.
So what does 10% mean?
The solution here is to upgrade to a new version of NFS and enable encrypted authentication
Fortinet researchers used the database Shodan.io² for their data.
And if one goes to the site directly one can count 5 exploits, 4 remote, 2 DOS, and 1 local types under “NFS” for a total of 12.
there are 129 known CVE’s 7 in exploitdb and 5 known metasploit attacks.
To a hacker this is a known item.
So what can a hacker do this information?
Well they will do more research and find out where they actually are and whether they can hack or mine information from these NFS problems:
Thousands of the exposed servers were located in the U.S. (18,843 servers), China (11,608), France (10,744), Germany (7,188) and Russia (5,269), the firm reported. This part of the data from Shogun/Fortinet actually resides on the
Securityintelligence.com³ IT news site.
Now we know of 18,843+11608+10744+7188+5269 = 53652 servers are susceptible to some type of attack. This is an obvious goldmine for hackers. Imagine that 10% of these exposed servers can get hacked in such a way do that the hacker can run their own programs on them (i.e. root or admin privilege with command line access). So now what?
~5400 servers may get ransomware that could gross $300 – $500 for each system – which means that $1.6mil to $2.7mil payoff could be coming to the hackers.
What if all the servers were susceptible to ransomware? then the payoff is $16mil to $27mil.
Now do you see what the danger is from attacks? Every day brings new dangers – Don’t play Cyber roulette
Every day you have a chance of firing a 500 or 1000 barrel risk gun and it “goes off” thus The attacker finally made it in. The chance may be 1 in 500 every day, or 1 in a 1000.
Contact us to reduce your risk online. Send us your email address and we will send you updates as they happen here.
- https://blog.fortinet.com/2016/05/30/misconfigured-nfs-servers-put-thousands-of-terabytes-of-data-at-risk
- https://exploits.shodan.io/?q=nfs
- https://securityintelligence.com/news/new-research-finds-10-percent-of-nfs-servers-globally-are-at-risk/