Being "number 1" isn't always a good thing. Rapid7 has just published their third annual "National Exposure Index," and unfortunately, the United States has the dubious honor of being the nation most at risk for a cyber attack on its core services. The group's methodology for ranking national exposure comes down to tracking the number of exposed services and comparing this number to the nation's total allocated IP address space.
Ranked in this way, the top four most vulnerable countries are:
- The United States
- South Korea
- The UK
All told, these four nations control more than 61 million servers listed on at least one of the points surveyed by Rapid7.
Drilling down a bit more deeply, the report also contained this chilling fact:
"There are 13 million exposed endpoints associated with direct database access, half of which are associated with MySQL. Along with millions of exposed PostgreSQL, Oracle DB, Microsoft SQL Server, Redis, DB2, and MongoDB endpoints, this exposure presents significant risk of crucial data loss in a coordinated attack."
Given that this year has already given us the largest DDOS attack in the history of the internet, Rapid7's findings should not be taken lightly. The risks are very real, which is why the company is so strongly committed to the publication of their annual report.
As they put it:
"...national internet service providers in these countries can use these findings to understand the risks of internet exposure, and that they, along with policymakers and other technical leaders, are in an excellent position to make significant progress in securing the global internet."
A lofty goal indeed. Unfortunately, although the data is illuminating, there are no quick or easy answers here, especially in the United States. Thus far, the U.S. has struggled to put together a cohesive digital security policy at the national level, which seems unlikely to change at least in the near future.