Cybersecurity firm Rapid7 released a report examining cyber exposure of FTSE 350 companies. Findings show that the financial services sector of the UK’s economy leads all other industries in exposure of risky services to the internet.
From an attack surface perspective, the key measurement researchers looked at is which ports are exposed to the internet. They consider two metrics: the total number of exposed ports, and the number of exposed high-risk ports. They define “high risk” as the ports commonly associated with FTP, SSH, Telnet, SMB, and RDP.
Drilling down to the high-risk ports, Rapid7 found that although technology companies dominate the overall port exposure, they fall in the middle of the pack for high-risk exposed ports and services. On the other hand, financial services companies are still exposing a number of concerning ports.
In particular, the average financial services company is exposing two Telnet ports – Telnet is a notoriously insecure protocol whose use has been discouraged for decades. RDP and SSH are frequently exposed to the internet for remote management, but the exposure level seen for an average company here should prompt financial services organizations to evaluate their external attack surface.
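The two metrics described above can be reproduced from any port-scan inventory. The following is an added example, not code from Rapid7 or the report: it scores a constructed set of companies on total exposed ports versus high-risk exposed ports and averages them by sector, assuming the standard port numbers for FTP, SSH, Telnet, SMB and RDP.

```python
from collections import defaultdict

# Assumed standard port numbers for the protocols the report classes as high risk.
HIGH_RISK_PORTS = {
    21: "FTP", 22: "SSH", 23: "Telnet", 139: "SMB", 445: "SMB", 3389: "RDP",
}

# Constructed sample: (company, sector, open ports seen from the internet).
SAMPLE_SCAN = [
    ("BankA", "financial", [443, 22, 23, 23, 3389]),
    ("BankB", "financial", [80, 443, 21, 445]),
    ("TechA", "technology", [80, 443, 8080, 8443, 9200, 22]),
    ("TechB", "technology", [80, 443, 3000, 5000]),
]


def score_company(open_ports):
    """Return (total exposed ports, high-risk ports, high-risk service names)."""
    high = [p for p in open_ports if p in HIGH_RISK_PORTS]
    services = sorted({HIGH_RISK_PORTS[p] for p in high})
    return len(open_ports), len(high), services


def sector_averages(scan):
    """Average total and high-risk exposed ports per sector, as (total, high_risk)."""
    agg = defaultdict(lambda: [0, 0, 0])  # companies, total ports, high-risk ports
    for _, sector, ports in scan:
        total, high, _ = score_company(ports)
        agg[sector][0] += 1
        agg[sector][1] += total
        agg[sector][2] += high
    return {s: (v[1] / v[0], v[2] / v[0]) for s, v in agg.items()}


def remediation_queue(scan):
    """Company names ordered by high-risk exposure first, then total exposure."""
    def key(row):
        total, high, _ = score_company(row[2])
        return (-high, -total, row[0])
    return [row[0] for row in sorted(scan, key=key)]


if __name__ == "__main__":
    for sector, (avg_total, avg_high) in sector_averages(SAMPLE_SCAN).items():
        print(f"{sector}: avg exposed={avg_total:.1f}, avg high-risk={avg_high:.1f}")
    print("remediate first:", remediation_queue(SAMPLE_SCAN))
```

On the constructed data the technology sector has the higher average total exposure while the financial sector has the higher average high-risk exposure, the same split the report describes.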
However, the report also notes that, compared with 2021, the attack surface of the FTSE 350 has greatly improved.