Wondering why ransomware continues to be such a problem for state and local governments and other public institutions? Publicly accessible security-scan data shows that many public organizations have failed to do more than put a bandage over long-standing system vulnerabilities that, if successfully exploited, could bring their operations to a standstill.
Cities are not the only vulnerable targets waiting to be found by would-be attackers. Hundreds of thousands of Internet-connected Windows systems in the United States still appear to be vulnerable to an exploit of Microsoft Windows’ Server Message Block version 1 (SMB v. 1) file sharing protocol, despite repeated public warnings to patch systems following the worldwide outbreak of the WannaCry cryptographic malware two years ago. And based on data from the Shodan search engine and other public sources, hundreds of them—if not thousands—are servers in use at US public school systems. Even in cases where Microsoft’s patch of SMB v. 1 has been applied, the protocol remains a potential security problem—one that some organizations can’t completely close because some vendors still require the protocol for applications such as networked copiers and scanners.
Furthermore, the fact that these systems remain unpatched a full two years after WannaCry—and after Microsoft pushed out emergency patches for even no-longer-supported operating systems—raises the question as to what other critical security patches these organizations aren’t patching.
There are some aberrations in the Shodan data. For example, Shodan associated 230 vulnerable Windows server instances with a public school district in Littleton, Colorado. But that was a misreading of the address blocks associated with the systems—they were, in fact, virtual machines belonging to a German hosting provider that shared the same IP address block. That’s hardly good news—it just shows how pervasive the lack of patching is worldwide.
Secure your company with the help of our Cyber Security services today.
Portions of this story were compiled with the help of the article written by ArsTechnica, located here.